Ransomware has been weaponized by the major cyber-crime organizations and bad-actor governments, representing a possibly lethal risk to companies that are victimized. The latest versions of ransomware go after all vulnerable resources, including backup, making even partial recovery a challenging and expensive exercise. New versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Nephilim have emerged, replacing WannaCry, Cerber, and Petya in prominence, sophistication, and destructiveness.
Most crypto-ransomware infections are caused by innocuous-seeming emails that include dangerous hyperlinks or attachments, and a high percentage are "zero-day" attacks that can escape the defenses of legacy signature-based antivirus (AV) filters. While user education and frontline identification are critical to protect your network against ransomware, best practices dictate that you assume some attacks will inevitably get through and that you prepare a strong backup solution that permits you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Preparedness Report is a low-cost service built around a remote discussion with a Progent cybersecurity expert experienced in ransomware defense and recovery. In the course of this assessment Progent will work directly with your Bristol IT management staff to collect critical information about your cybersecurity profile and backup environment. Progent will utilize this information to create a Basic Security and Best Practices Report documenting how to adhere to leading practices for configuring and administering your security and backup solution to prevent or recover from a ransomware attack.
Progent's Basic Security and Best Practices Assessment focuses on key issues related to crypto-ransomware prevention and restoration recovery. The review addresses:
- Effective use of administration accounts
- Appropriate NTFS and SMB authorizations
- Proper firewall settings
- Secure RDP configuration
- Advice about AntiVirus tools identification and deployment
The online interview process included with the ProSight Ransomware Vulnerability Report service lasts about one hour for the average small business and requires more time for larger or more complicated IT environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware assault and Progent offers as-needed expertise to assist you to design and deploy a cost-effective security/data backup system customized for your business requirements.
- Split permission architecture for backup protection
- Backing up required servers such as AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or steals a victim's files so they are unusable or are publicized. Ransomware sometimes locks the victim's computer. To avoid the damage, the target is required to send a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a brief period of time. There is no guarantee that paying the extortion price will recover the lost data or avoid its publication. Files can be altered or erased throughout a network depending on the target's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the compromised files. A typical ransomware attack vector is spoofed email, in which the target is tricked into responding to by a social engineering exploit called spear phishing. This makes the email to look as though it came from a familiar sender. Another common vulnerability is an improperly secured Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the monetary losses caused by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Notorious attacks are WannaCry, and NotPetya. Current headline variants like Ryuk, Maze and TeslaCrypt are more complex and have wreaked more damage than earlier strains. Even if your backup processes enable your business to recover your ransomed files, you can still be hurt by so-called exfiltration, where ransomed data are made public. Because additional variants of ransomware crop up every day, there is no certainty that traditional signature-matching anti-virus tools will block the latest attack. If threat does appear in an email, it is important that your end users have learned to identify phishing techniques. Your last line of protection is a sound process for performing and keeping remote backups and the use of dependable recovery tools.
Ask Progent About the ProSight Ransomware Preparedness Consultation in Bristol
For pricing details and to find out more about how Progent's ProSight Ransomware Preparedness Audit can enhance your protection against ransomware in Bristol, call Progent at 800-462-8800 or see Contact Progent.