Ransomware has become the weapon of choice for cybercriminals and rogue governments, posing a potentially lethal risk to companies that are successfully attacked. The latest strains of ransomware go after everything, including backup, making even partial recovery a challenging and expensive exercise. New strains of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Egregor have made the headlines, displacing Locky, Cerber, and CryptoWall in notoriety, elaborateness, and destructive impact.
90% of crypto-ransomware penetrations come from innocent-looking emails that have malicious links or attachments, and a high percentage are "zero-day" attacks that can escape detection by traditional signature-based antivirus filters. While user training and frontline identification are important to protect against ransomware attacks, leading practices demand that you expect that some malware will eventually get through and that you prepare a solid backup mechanism that allows you to restore files and services quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service centered around a remote discussion with a Progent security consultant skilled in ransomware protection and repair. In the course of this assessment Progent will work directly with your Buffalo IT managers to gather pertinent information about your cybersecurity profile and backup environment. Progent will utilize this information to generate a Basic Security and Best Practices Assessment detailing how to adhere to best practices for implementing and administering your security and backup systems to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights key areas related to crypto-ransomware defense and restoration recovery. The review covers:
- Proper use of admin accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Proper firewall configuration
- Safe RDP configuration
- Guidance for AntiVirus filtering selection and deployment
The online interview process for the ProSight Ransomware Vulnerability Checkup service lasts about one hour for the average small business and longer for bigger or more complicated IT environments. The report document includes recommendations for improving your ability to ward off or clean up after a ransomware assault and Progent can provide as-needed consulting services to help you and your IT staff to design and deploy an efficient security/data backup solution customized for your specific needs.
- Split permission architecture for backup protection
- Backing up critical servers including Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or steals a victim's files so they cannot be used or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the damage, the target is asked to send a specified amount of money (the ransom), usually in the form of a crypto currency like Bitcoin, within a short period of time. It is never certain that paying the ransom will recover the damaged files or prevent its exposure to the public. Files can be altered or deleted across a network depending on the victim's write permissions, and you cannot reverse engineer the strong encryption technologies used on the compromised files. A common ransomware delivery package is spoofed email, whereby the user is tricked into interacting with by a social engineering technique called spear phishing. This causes the email to look as though it came from a trusted sender. Another common vulnerability is an improperly secured RDP port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the damage attributed to by different versions of ransomware is said to be billions of dollars annually, roughly doubling every other year. Famous attacks include WannaCry, and NotPetya. Current headline variants like Ryuk, Sodinokibi and CryptoWall are more complex and have wreaked more havoc than older strains. Even if your backup processes permit your business to restore your ransomed files, you can still be threatened by so-called exfiltration, where stolen data are made public (known as "doxxing"). Because new variants of ransomware are launched daily, there is no guarantee that conventional signature-matching anti-virus tools will block the latest malware. If an attack does appear in an email, it is critical that your users have learned to be aware of phishing techniques. Your last line of protection is a solid process for performing and keeping remote backups and the deployment of dependable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Preparedness Assessment in Buffalo
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Assessment can bolster your defense against ransomware in Buffalo, phone Progent at 800-462-8800 or visit Contact Progent.