Ransomware has been widely adopted by the major cyber-crime organizations and rogue states, posing a potentially lethal threat to companies that fall victim. The latest strains of ransomware go after all vulnerable resources, including online backup, making even selective restoration a challenging and costly exercise. New strains of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Egregor have made the headlines, displacing WannaCry, Spora, and Petya in notoriety, elaborateness, and destructive impact.
90% of crypto-ransomware breaches come from innocent-looking emails with malicious hyperlinks or file attachments, and many are so-called "zero-day" variants that elude detection by legacy signature-matching antivirus tools. While user training and frontline identification are important to defend your network against ransomware attacks, leading practices dictate that you take for granted some malware will inevitably succeed and that you implement a solid backup mechanism that enables you to repair the damage quickly with little if any damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service built around an online discussion with a Progent security consultant experienced in ransomware defense and repair. In the course of this assessment Progent will collaborate directly with your Boise IT management staff to gather critical information concerning your security profile and backup environment. Progent will utilize this information to create a Basic Security and Best Practices Report detailing how to follow leading practices for implementing and managing your cybersecurity and backup systems to prevent or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights key areas related to crypto-ransomware prevention and restoration recovery. The review addresses:
- Effective use of admin accounts
- Correct NTFS and SMB authorizations
- Proper firewall setup
- Safe Remote Desktop Protocol (RDP) configuration
- Guidance for AntiVirus (AV) tools identification and configuration
The remote interview for the ProSight Ransomware Vulnerability Assessment service takes about one hour for the average small business network and requires more time for larger or more complex environments. The report document contains recommendations for enhancing your ability to block or clean up after a ransomware incident and Progent can provide as-needed expertise to assist you to create an efficient cybersecurity/backup system tailored to your specific requirements.
- Split permission architecture for backup integrity
- Protecting critical servers including Active Directory
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a type of malicious software that encrypts or deletes files so they cannot be used or are publicized. Ransomware often locks the target's computer. To avoid the carnage, the target is required to pay a certain amount of money, typically via a crypto currency such as Bitcoin, within a brief period of time. It is not guaranteed that paying the ransom will restore the damaged data or prevent its publication. Files can be encrypted or erased throughout a network depending on the target's write permissions, and you cannot solve the military-grade encryption algorithms used on the compromised files. A common ransomware attack vector is tainted email, whereby the victim is lured into responding to by a social engineering exploit called spear phishing. This causes the email to appear to come from a trusted source. Another popular vulnerability is an improperly secured Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by different versions of ransomware is estimated at billions of dollars per year, more than doubling every other year. Notorious examples are Locky, and NotPetya. Current high-profile threats like Ryuk, Sodinokibi and Cerber are more complex and have caused more havoc than earlier strains. Even if your backup/recovery procedures permit your business to recover your encrypted files, you can still be threatened by exfiltration, where stolen documents are exposed to the public. Because new variants of ransomware are launched daily, there is no certainty that conventional signature-based anti-virus filters will detect a new attack. If threat does appear in an email, it is important that your users have been taught to identify social engineering tricks. Your last line of defense is a solid scheme for performing and retaining remote backups plus the use of dependable restoration tools.
Contact Progent About the ProSight Ransomware Readiness Testing in Boise
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Audit can enhance your protection against crypto-ransomware in Boise, phone Progent at 800-462-8800 or see Contact Progent.