Ransomware has been weaponized by the major cyber-crime organizations and rogue states, representing a possibly lethal threat to businesses that are breached. Modern versions of crypto-ransomware go after everything, including online backup, making even partial recovery a long and expensive process. Novel versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Nephilim have made the headlines, displacing Locky, Spora, and Petya in prominence, sophistication, and destructive impact.
90% of ransomware infections come from innocuous-looking emails with dangerous links or file attachments, and many are so-called "zero-day" variants that elude the defenses of traditional signature-matching antivirus tools. Although user training and up-front detection are critical to defend your network against ransomware, leading practices demand that you assume some attacks will inevitably succeed and that you prepare a solid backup solution that enables you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service built around a remote interview with a Progent cybersecurity expert skilled in ransomware protection and repair. During this assessment Progent will cooperate directly with your Brisbane IT managers to gather pertinent information about your security setup and backup environment. Progent will use this information to generate a Basic Security and Best Practices Report detailing how to follow best practices for configuring and managing your cybersecurity and backup systems to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key issues related to crypto-ransomware defense and restoration recovery. The report covers:
- Proper allocation and use of administration accounts
- Assigning NTFS (New Technology File System) and SMB permissions
- Optimal firewall configuration
- Secure RDP connections
- Recommend AntiVirus (AV) tools identification and deployment
The remote interview included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for bigger or more complex environments. The written report features suggestions for improving your ability to ward off or clean up after a ransomware assault and Progent offers as-needed expertise to help you and your IT staff to create an efficient cybersecurity/data backup solution customized for your specific requirements.
- Split permission architecture for backup integrity
- Protecting key servers such as Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or steals files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To prevent the carnage, the victim is required to send a certain amount of money, typically via a crypto currency such as Bitcoin, within a brief time window. There is no guarantee that delivering the ransom will restore the damaged files or avoid its exposure to the public. Files can be encrypted or deleted throughout a network depending on the target's write permissions, and you cannot break the military-grade encryption technologies used on the compromised files. A common ransomware attack vector is tainted email, in which the target is lured into interacting with by a social engineering exploit called spear phishing. This makes the email message to look as though it came from a trusted sender. Another popular attack vector is a poorly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the new age of crypto-ransomware in 2013, and the damage caused by different strains of ransomware is said to be billions of dollars annually, more than doubling every other year. Famous attacks include Locky, and Petya. Recent high-profile threats like Ryuk, Maze and CryptoWall are more elaborate and have wreaked more havoc than earlier strains. Even if your backup/recovery processes enable your business to restore your ransomed files, you can still be threatened by so-called exfiltration, where stolen data are made public. Because new variants of ransomware crop up daily, there is no certainty that traditional signature-matching anti-virus filters will detect a new attack. If threat does show up in an email, it is important that your end users have learned to be aware of social engineering techniques. Your last line of protection is a solid process for performing and keeping remote backups plus the use of reliable restoration platforms.
Ask Progent About the ProSight Ransomware Vulnerability Evaluation in Brisbane
For pricing information and to find out more about how Progent's ProSight Ransomware Readiness Consultation can bolster your protection against ransomware in Brisbane, phone Progent at 800-462-8800 or visit Contact Progent.