Ransomware has become the weapon of choice for the major cyber-crime organizations and rogue states, representing a possibly existential risk to businesses that are breached. The latest variations of crypto-ransomware target everything, including backup, making even selective restoration a long and expensive exercise. Novel strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Nephilim have made the headlines, displacing Locky, Cerber, and NotPetya in prominence, sophistication, and destructiveness.
Most ransomware breaches come from innocent-looking emails that include dangerous hyperlinks or file attachments, and a high percentage are so-called "zero-day" attacks that can escape detection by traditional signature-matching antivirus (AV) tools. Although user education and up-front identification are important to defend against ransomware attacks, leading practices dictate that you take for granted some malware will inevitably succeed and that you prepare a solid backup mechanism that allows you to restore files and services rapidly with minimal losses.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service built around an online interview with a Progent security consultant experienced in ransomware defense and recovery. In the course of this interview Progent will collaborate directly with your Boston IT management staff to gather critical data about your cybersecurity posture and backup processes. Progent will use this data to produce a Basic Security and Best Practices Report documenting how to adhere to leading practices for configuring and managing your security and backup systems to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Report highlights key issues associated with ransomware defense and restoration recovery. The review covers:
Security
About Ransomware
Ransomware is a variety of malware that encrypts or deletes a victim's files so they are unusable or are publicized. Ransomware sometimes locks the victim's computer. To avoid the carnage, the target is asked to send a specified amount of money (the ransom), usually in the form of a crypto currency such as Bitcoin, within a brief time window. There is no guarantee that paying the ransom will restore the lost files or avoid its exposure to the public. Files can be encrypted or erased throughout a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the hostage files. A typical ransomware attack vector is booby-trapped email, in which the target is lured into interacting with by means of a social engineering exploit known as spear phishing. This makes the email message to appear to come from a familiar source. Another common attack vector is an improperly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the new age of ransomware in 2013, and the monetary losses caused by different versions of ransomware is said to be billions of dollars annually, more than doubling every two years. Notorious examples include WannaCry, and Petya. Current headline threats like Ryuk, Sodinokibi and TeslaCrypt are more complex and have wreaked more damage than older strains. Even if your backup procedures permit you to recover your encrypted data, you can still be threatened by so-called exfiltration, where stolen documents are made public (known as "doxxing"). Because new variants of ransomware are launched daily, there is no guarantee that traditional signature-based anti-virus filters will detect the latest attack. If threat does appear in an email, it is critical that your users have learned to be aware of phishing techniques. Your last line of protection is a sound scheme for performing and retaining offsite backups plus the deployment of dependable restoration tools.
Contact Progent About the ProSight Ransomware Vulnerability Testing in Boston
For pricing details and to find out more about how Progent's ProSight Ransomware Vulnerability Review can enhance your defense against ransomware in Boston, phone Progent at