Ransomware has been widely adopted by cyber extortionists and rogue governments, posing a potentially existential risk to businesses that fall victim. Modern versions of ransomware target everything, including online backup, making even partial recovery a long and costly exercise. Novel variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have emerged, replacing WannaCry, Spora, and CryptoWall in notoriety, sophistication, and destructive impact.
Most crypto-ransomware infections come from innocent-looking emails with dangerous links or file attachments, and many are so-called "zero-day" attacks that can escape the defenses of traditional signature-matching antivirus filters. While user education and up-front identification are important to defend against ransomware attacks, best practices demand that you take for granted some attacks will eventually get through and that you put in place a strong backup mechanism that enables you to recover quickly with minimal damage.
Progent's ProSight Ransomware Vulnerability Report is a low-cost service centered around an online discussion with a Progent security expert skilled in ransomware protection and repair. During this interview Progent will cooperate with your Boston IT managers to collect pertinent data concerning your security profile and backup processes. Progent will utilize this information to generate a Basic Security and Best Practices Report documenting how to adhere to leading practices for configuring and managing your security and backup solution to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital areas associated with crypto-ransomware prevention and restoration recovery. The review addresses:
- Effective use of administration accounts
- Appropriate NTFS and SMB (Server Message Block) authorizations
- Optimal firewall configuration
- Secure Remote Desktop Protocol connections
- Guidance for AntiVirus (AV) filtering selection and deployment
The remote interview included with the ProSight Ransomware Vulnerability Assessment service lasts about an hour for a typical small company and longer for bigger or more complex environments. The written report contains suggestions for improving your ability to block or recover from a ransomware attack and Progent offers on-demand consulting services to assist you to create an efficient cybersecurity/data backup solution customized for your specific requirements.
- Split permission architecture for backup protection
- Backing up critical servers including Active Directory
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a form of malware that encrypts or steals files so they are unusable or are publicized. Crypto-ransomware sometimes locks the victim's computer. To prevent the damage, the target is required to send a certain amount of money, typically via a crypto currency such as Bitcoin, within a short time window. It is not guaranteed that paying the extortion price will recover the lost files or prevent its publication. Files can be encrypted or erased throughout a network depending on the victim's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the hostage files. A typical ransomware delivery package is tainted email, in which the target is tricked into responding to by means of a social engineering exploit known as spear phishing. This causes the email to appear to come from a familiar sender. Another popular attack vector is an improperly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the new age of crypto-ransomware in 2013, and the monetary losses attributed to by different versions of ransomware is estimated at billions of dollars per year, more than doubling every other year. Famous examples include Locky, and NotPetya. Recent high-profile threats like Ryuk, Maze and Spora are more sophisticated and have caused more havoc than older versions. Even if your backup/recovery procedures allow you to recover your encrypted data, you can still be threatened by so-called exfiltration, where ransomed documents are exposed to the public. Because additional versions of ransomware crop up every day, there is no certainty that traditional signature-matching anti-virus tools will block the latest malware. If an attack does appear in an email, it is critical that your end users have learned to be aware of social engineering tricks. Your ultimate protection is a solid process for performing and retaining offsite backups plus the use of dependable recovery tools.
Ask Progent About the ProSight Ransomware Vulnerability Testing in Boston
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Consultation can enhance your protection against ransomware in Boston, call Progent at 800-462-8800 or see Contact Progent.