Ransomware has been widely adopted by the major cyber-crime organizations and rogue governments, posing a possibly lethal risk to companies that are successfully attacked. Current variations of crypto-ransomware target all vulnerable resources, including online backup, making even selective restoration a challenging and costly process. Novel versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Lockbit and Egregor have made the headlines, replacing WannaCry, Spora, and CryptoWall in prominence, elaborateness, and destructive impact.
90% of ransomware breaches are caused by innocuous-seeming emails with dangerous links or attachments, and many are "zero-day" strains that elude detection by legacy signature-matching antivirus filters. Although user education and frontline identification are important to protect your network against ransomware, leading practices demand that you expect that some malware will eventually succeed and that you deploy a solid backup solution that enables you to restore files and services rapidly with little if any damage.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service centered around an online interview with a Progent cybersecurity consultant skilled in ransomware protection and recovery. In the course of this interview Progent will cooperate with your Brisbane network management staff to collect critical data about your security configuration and backup environment. Progent will use this information to generate a Basic Security and Best Practices Assessment documenting how to follow leading practices for configuring and managing your cybersecurity and backup solution to block or recover from a ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key areas associated with ransomware prevention and restoration recovery. The report addresses:
- Correct use of admin accounts
- Assigning NTFS (New Technology File System) and SMB authorizations
- Optimal firewall configuration
- Secure Remote Desktop Protocol (RDP) access
- Guidance for AntiVirus (AV) filtering identification and deployment
The remote interview process included with the ProSight Ransomware Preparedness Report service lasts about one hour for the average small business network and longer for larger or more complicated environments. The report document includes suggestions for improving your ability to ward off or recover from a ransomware incident and Progent offers on-demand expertise to help you and your IT staff to design and deploy a cost-effective cybersecurity/backup solution customized for your specific needs.
- Split permission model for backup protection
- Protecting critical servers including Active Directory
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a form of malware that encrypts or steals a victim's files so they cannot be used or are publicized. Crypto-ransomware sometimes locks the victim's computer. To prevent the carnage, the victim is asked to send a specified ransom, typically in the form of a crypto currency such as Bitcoin, within a brief time window. It is never certain that delivering the ransom will recover the damaged files or avoid its publication. Files can be encrypted or erased throughout a network depending on the target's write permissions, and you cannot reverse engineer the strong encryption technologies used on the hostage files. A common ransomware delivery package is booby-trapped email, in which the user is lured into interacting with by means of a social engineering exploit called spear phishing. This causes the email message to appear to come from a familiar source. Another popular vulnerability is a poorly protected Remote Desktop Protocol port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses caused by different strains of ransomware is said to be billions of dollars annually, more than doubling every other year. Famous attacks are WannaCry, and NotPetya. Current high-profile threats like Ryuk, Sodinokibi and CryptoWall are more complex and have wreaked more damage than older versions. Even if your backup/recovery procedures permit you to recover your ransomed data, you can still be threatened by exfiltration, where ransomed data are made public. Because additional versions of ransomware are launched every day, there is no guarantee that conventional signature-based anti-virus tools will block the latest attack. If threat does appear in an email, it is critical that your users have been taught to identify phishing techniques. Your ultimate defense is a sound scheme for performing and keeping offsite backups and the deployment of dependable restoration platforms.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Audit in Brisbane
For pricing information and to find out more about how Progent's ProSight Ransomware Susceptibility Checkup can enhance your protection against crypto-ransomware in Brisbane, phone Progent at 800-462-8800 or visit Contact Progent.