Ransomware has become the weapon of choice for cyber extortionists and rogue governments, posing a possibly lethal threat to companies that fall victim. Modern variations of ransomware go after all vulnerable resources, including online backup, making even partial restoration a complex and costly exercise. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Nephilim have made the headlines, displacing Locky, Spora, and CryptoWall in notoriety, elaborateness, and destructive impact.
Most ransomware infections are caused by innocuous-seeming emails with malicious links or file attachments, and a high percentage are "zero-day" attacks that can escape the defenses of traditional signature-matching antivirus (AV) tools. Although user training and frontline detection are important to protect your network against ransomware attacks, leading practices dictate that you take for granted some malware will inevitably succeed and that you prepare a strong backup mechanism that enables you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around an online discussion with a Progent security consultant skilled in ransomware protection and repair. During this assessment Progent will cooperate with your Brisbane network management staff to gather critical data concerning your cybersecurity configuration and backup environment. Progent will utilize this information to create a Basic Security and Best Practices Assessment detailing how to follow leading practices for implementing and managing your cybersecurity and backup solution to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key areas associated with crypto-ransomware prevention and restoration recovery. The review addresses:
- Proper use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB permissions
- Optimal firewall settings
- Secure Remote Desktop Protocol (RDP) access
- Guidance for AntiVirus (AV) tools selection and deployment
The online interview for the ProSight Ransomware Vulnerability Report service takes about one hour for the average small business and requires more time for bigger or more complicated IT environments. The report document features recommendations for improving your ability to block or recover from a ransomware assault and Progent offers as-needed expertise to assist you to design and deploy a cost-effective security/data backup solution customized for your specific requirements.
- Split permission architecture for backup integrity
- Protecting key servers including AD
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or deletes a victim's files so they cannot be used or are publicized. Ransomware sometimes locks the victim's computer. To prevent the carnage, the target is asked to pay a certain amount of money (the ransom), usually via a crypto currency such as Bitcoin, within a short time window. There is no guarantee that delivering the extortion price will restore the damaged files or prevent its publication. Files can be altered or erased across a network based on the victim's write permissions, and you cannot solve the strong encryption algorithms used on the compromised files. A typical ransomware attack vector is spoofed email, in which the target is lured into responding to by a social engineering exploit called spear phishing. This makes the email to appear to come from a familiar source. Another common vulnerability is an improperly secured Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by different versions of ransomware is said to be billions of dollars per year, more than doubling every other year. Notorious examples are Locky, and Petya. Recent high-profile threats like Ryuk, Sodinokibi and CryptoWall are more elaborate and have caused more damage than earlier versions. Even if your backup processes enable you to recover your ransomed data, you can still be threatened by so-called exfiltration, where ransomed documents are made public. Because new versions of ransomware crop up daily, there is no guarantee that conventional signature-matching anti-virus tools will block the latest malware. If threat does appear in an email, it is critical that your end users have been taught to be aware of phishing techniques. Your ultimate protection is a sound scheme for scheduling and keeping offsite backups and the deployment of dependable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Report in Brisbane
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Evaluation can enhance your protection against ransomware in Brisbane, call Progent at 800-462-8800 or visit Contact Progent.