Ransomware has become the weapon of choice for cybercriminals and rogue governments, posing a possibly existential risk to businesses that are victimized. Current strains of crypto-ransomware go after all vulnerable resources, including online backup, making even selective recovery a challenging and costly exercise. New strains of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Nephilim have emerged, displacing WannaCry, Cerber, and CryptoWall in prominence, elaborateness, and destructive impact.
90% of ransomware penetrations are the result of innocuous-seeming emails with dangerous links or attachments, and a high percentage are "zero-day" attacks that elude the defenses of traditional signature-matching antivirus (AV) tools. Although user training and up-front identification are important to defend your network against ransomware attacks, leading practices dictate that you expect that some attacks will inevitably get through and that you prepare a solid backup solution that enables you to recover rapidly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service built around an online interview with a Progent security consultant skilled in ransomware defense and recovery. During this assessment Progent will collaborate directly with your Brisbane network managers to gather pertinent data about your cybersecurity profile and backup environment. Progent will use this data to produce a Basic Security and Best Practices Assessment detailing how to apply best practices for configuring and administering your security and backup systems to block or recover from a ransomware assault.
Progent's Basic Security and Best Practices Report highlights key issues associated with crypto-ransomware prevention and restoration recovery. The report covers:
- Proper allocation and use of admin accounts
- Assigning NTFS and SMB (Server Message Block) permissions
- Optimal firewall settings
- Secure RDP connections
- Recommend AntiVirus (AV) tools identification and deployment
The remote interview for the ProSight Ransomware Vulnerability Checkup service takes about one hour for a typical small business and requires more time for larger or more complex IT environments. The written report includes suggestions for enhancing your ability to ward off or clean up after a ransomware incident and Progent offers as-needed expertise to help you and your IT staff to create a cost-effective security/data backup solution tailored to your specific requirements.
- Split permission architecture for backup integrity
- Backing up critical servers including AD
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a form of malware that encrypts or deletes a victim's files so they are unusable or are made publicly available. Crypto-ransomware often locks the target's computer. To avoid the carnage, the target is asked to pay a certain amount of money, usually in the form of a crypto currency like Bitcoin, within a short period of time. There is no guarantee that paying the extortion price will restore the damaged files or prevent its exposure to the public. Files can be altered or erased across a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the hostage files. A typical ransomware attack vector is spoofed email, whereby the victim is tricked into responding to by means of a social engineering exploit known as spear phishing. This makes the email message to appear to come from a trusted source. Another popular vulnerability is a poorly secured Remote Desktop Protocol port.
CryptoLocker opened the modern era of ransomware in 2013, and the damage attributed to by different strains of ransomware is said to be billions of dollars per year, more than doubling every other year. Famous attacks include Locky, and Petya. Current headline variants like Ryuk, Maze and Spora are more elaborate and have caused more damage than older strains. Even if your backup procedures allow your business to recover your encrypted data, you can still be threatened by so-called exfiltration, where stolen data are exposed to the public. Because additional versions of ransomware crop up every day, there is no certainty that traditional signature-matching anti-virus filters will detect a new malware. If threat does appear in an email, it is critical that your users have learned to identify phishing tricks. Your last line of defense is a solid scheme for scheduling and keeping remote backups and the deployment of dependable recovery tools.
Contact Progent About the ProSight Ransomware Vulnerability Consultation in Brisbane
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Susceptibility Testing can enhance your protection against ransomware in Brisbane, call Progent at 800-462-8800 or visit Contact Progent.