Ransomware has been weaponized by cybercriminals and malicious states, representing a potentially lethal threat to businesses that fall victim. Current variations of ransomware target everything, including backup, making even selective recovery a complex and expensive process. Novel strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have made the headlines, displacing WannaCry, TeslaCrypt, and Petya in notoriety, elaborateness, and destructive impact.
90% of crypto-ransomware breaches are the result of innocuous-looking emails that have dangerous hyperlinks or file attachments, and many are so-called "zero-day" attacks that elude the defenses of legacy signature-based antivirus filters. Although user training and frontline identification are critical to protect your network against ransomware attacks, best practices dictate that you assume some malware will inevitably get through and that you prepare a solid backup mechanism that permits you to recover quickly with minimal losses.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service built around an online discussion with a Progent security expert experienced in ransomware protection and repair. During this assessment Progent will work directly with your Bristol IT managers to collect critical data concerning your cybersecurity setup and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Report detailing how to apply leading practices for configuring and administering your security and backup systems to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital areas related to ransomware defense and restoration recovery. The review covers:
- Proper allocation and use of admin accounts
- Assigning NTFS and SMB permissions
- Proper firewall setup
- Safe Remote Desktop Protocol (RDP) access
- Recommend AntiVirus tools selection and configuration
The remote interview process included with the ProSight Ransomware Vulnerability Assessment service takes about an hour for a typical small company and requires more time for larger or more complicated environments. The written report features suggestions for enhancing your ability to block or clean up after a ransomware assault and Progent offers as-needed expertise to assist your business to create an efficient cybersecurity/data backup solution tailored to your business needs.
- Split permission model for backup integrity
- Backing up key servers such as AD
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a variety of malicious software that encrypts or deletes a victim's files so they are unusable or are made publicly available. Ransomware sometimes locks the victim's computer. To prevent the carnage, the target is required to pay a specified amount of money, typically via a crypto currency such as Bitcoin, within a brief period of time. It is never certain that delivering the extortion price will restore the lost files or avoid its publication. Files can be altered or deleted across a network based on the target's write permissions, and you cannot break the military-grade encryption algorithms used on the compromised files. A typical ransomware delivery package is spoofed email, in which the target is lured into responding to by a social engineering exploit called spear phishing. This causes the email to look as though it came from a familiar sender. Another popular vulnerability is an improperly secured Remote Desktop Protocol (RDP) port.
CryptoLocker opened the new age of ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is estimated at billions of dollars per year, more than doubling every other year. Famous attacks are Locky, and Petya. Recent headline variants like Ryuk, DoppelPaymer and Spora are more sophisticated and have wreaked more damage than older strains. Even if your backup processes enable your business to restore your encrypted files, you can still be threatened by exfiltration, where stolen data are made public. Because new variants of ransomware are launched daily, there is no guarantee that conventional signature-based anti-virus filters will block a new malware. If threat does appear in an email, it is important that your users have been taught to be aware of phishing tricks. Your ultimate defense is a sound process for scheduling and keeping remote backups plus the use of dependable restoration platforms.
Ask Progent About the ProSight Ransomware Vulnerability Assessment in Bristol
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Checkup can enhance your protection against crypto-ransomware in Bristol, phone Progent at 800-462-8800 or see Contact Progent.