Ransomware has become the weapon of choice for cybercriminals and malicious governments, representing a potentially lethal risk to companies that fall victim. Current strains of crypto-ransomware go after all vulnerable resources, including backup, making even selective recovery a complex and costly exercise. New versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Egregor have made the headlines, replacing WannaCry, Spora, and Petya in prominence, sophistication, and destructiveness.
90% of ransomware penetrations are the result of innocent-looking emails that have dangerous links or attachments, and many are "zero-day" strains that can escape detection by traditional signature-matching antivirus filters. While user training and up-front identification are important to protect your network against ransomware, leading practices demand that you assume some attacks will inevitably get through and that you deploy a strong backup mechanism that permits you to restore files and services quickly with minimal losses.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service centered around an online discussion with a Progent security expert experienced in ransomware defense and recovery. During this interview Progent will work with your Brasília network management staff to gather critical data concerning your security setup and backup environment. Progent will utilize this information to generate a Basic Security and Best Practices Assessment documenting how to apply leading practices for implementing and managing your cybersecurity and backup systems to prevent or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key areas associated with crypto-ransomware defense and restoration recovery. The review addresses:
- Correct use of admin accounts
- Correct NTFS (New Technology File System) and SMB authorizations
- Optimal firewall setup
- Safe RDP connections
- Guidance for AntiVirus filtering selection and deployment
The online interview process included with the ProSight Ransomware Preparedness Checkup service lasts about one hour for a typical small business network and requires more time for bigger or more complex IT environments. The written report includes suggestions for enhancing your ability to block or clean up after a ransomware attack and Progent offers as-needed expertise to assist you to create a cost-effective security/data backup system customized for your specific requirements.
- Split permission architecture for backup protection
- Protecting critical servers including AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or deletes files so they cannot be used or are publicized. Crypto-ransomware often locks the victim's computer. To prevent the carnage, the victim is required to send a specified ransom, usually in the form of a crypto currency like Bitcoin, within a short period of time. It is not guaranteed that delivering the ransom will recover the damaged data or avoid its exposure to the public. Files can be encrypted or deleted throughout a network depending on the victim's write permissions, and you cannot break the strong encryption algorithms used on the compromised files. A typical ransomware delivery package is spoofed email, in which the user is tricked into responding to by means of a social engineering technique known as spear phishing. This causes the email to appear to come from a familiar sender. Another popular vulnerability is a poorly protected Remote Desktop Protocol port.
CryptoLocker ushered in the modern era of ransomware in 2013, and the damage caused by different versions of ransomware is said to be billions of dollars per year, more than doubling every two years. Notorious attacks include WannaCry, and Petya. Current headline variants like Ryuk, DoppelPaymer and TeslaCrypt are more complex and have wreaked more damage than older strains. Even if your backup/recovery procedures allow your business to restore your ransomed files, you can still be threatened by exfiltration, where ransomed documents are made public. Because additional variants of ransomware are launched every day, there is no guarantee that traditional signature-matching anti-virus filters will detect the latest malware. If an attack does show up in an email, it is important that your end users have learned to identify social engineering tricks. Your last line of protection is a solid scheme for performing and keeping remote backups plus the use of reliable recovery tools.
Ask Progent About the ProSight Crypto-Ransomware Preparedness Testing in Brasília
For pricing information and to find out more about how Progent's ProSight Ransomware Susceptibility Review can enhance your protection against ransomware in Brasília, phone Progent at 800-462-8800 or visit Contact Progent.