Ransomware has been weaponized by cybercriminals and bad-actor states, posing a potentially existential risk to companies that fall victim. The latest strains of crypto-ransomware go after all vulnerable resources, including backup, making even partial restoration a complex and costly process. New strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Egregor have made the headlines, replacing WannaCry, Spora, and NotPetya in notoriety, elaborateness, and destructiveness.
90% of crypto-ransomware penetrations are the result of innocent-looking emails that have dangerous hyperlinks or attachments, and many are "zero-day" variants that elude detection by traditional signature-matching antivirus (AV) filters. While user education and up-front identification are critical to protect against ransomware, best practices dictate that you assume some attacks will inevitably get through and that you put in place a strong backup solution that enables you to repair the damage quickly with little if any losses.
Progent's ProSight Ransomware Vulnerability Report is a low-cost service built around a remote interview with a Progent security consultant experienced in ransomware protection and repair. In the course of this assessment Progent will work directly with your Buffalo network management staff to collect critical information about your security setup and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Assessment detailing how to apply leading practices for implementing and administering your cybersecurity and backup solution to block or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report focuses on key issues related to ransomware prevention and restoration recovery. The report addresses:
- Effective use of administration accounts
- Correct NTFS and SMB (Server Message Block) authorizations
- Proper firewall configuration
- Secure RDP access
- Advice about AntiVirus (AV) filtering identification and deployment
The remote interview process for the ProSight Ransomware Preparedness Report service lasts about an hour for the average small business and longer for bigger or more complicated environments. The written report features suggestions for improving your ability to block or clean up after a ransomware incident and Progent can provide on-demand consulting services to assist you to design and deploy an efficient security/backup system tailored to your specific needs.
- Split permission architecture for backup protection
- Backing up critical servers such as Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes a victim's files so they are unusable or are publicized. Ransomware often locks the target's computer. To avoid the carnage, the target is required to pay a specified ransom, usually via a crypto currency such as Bitcoin, within a short time window. It is not guaranteed that paying the extortion price will recover the lost files or prevent its exposure to the public. Files can be encrypted or deleted throughout a network depending on the victim's write permissions, and you cannot reverse engineer the strong encryption algorithms used on the compromised files. A common ransomware attack vector is booby-trapped email, in which the user is tricked into responding to by means of a social engineering exploit called spear phishing. This causes the email message to appear to come from a familiar sender. Another common vulnerability is a poorly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is said to be billions of dollars per year, roughly doubling every other year. Famous attacks include WannaCry, and Petya. Current headline threats like Ryuk, DoppelPaymer and Cerber are more complex and have caused more damage than older versions. Even if your backup procedures enable you to restore your encrypted files, you can still be threatened by so-called exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because new versions of ransomware are launched every day, there is no guarantee that traditional signature-matching anti-virus filters will detect a new malware. If an attack does appear in an email, it is critical that your end users have been taught to be aware of phishing techniques. Your last line of defense is a sound process for scheduling and keeping offsite backups and the use of reliable recovery tools.
Contact Progent About the ProSight Ransomware Readiness Report in Buffalo
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Evaluation can enhance your defense against ransomware in Buffalo, call Progent at 800-993-9400 or visit Contact Progent.