Ransomware has become the weapon of choice for the major cyber-crime organizations and bad-actor governments, representing a potentially lethal risk to companies that are victimized. The latest versions of ransomware go after everything, including online backup, making even partial recovery a long and costly exercise. Novel strains of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Lockbit and Egregor have emerged, replacing WannaCry, TeslaCrypt, and CryptoWall in prominence, sophistication, and destructiveness.
Most ransomware infections are caused by innocuous-looking emails that have malicious links or file attachments, and many are so-called "zero-day" strains that elude the defenses of legacy signature-matching antivirus tools. While user training and up-front detection are important to protect your network against ransomware, best practices demand that you assume some attacks will inevitably get through and that you deploy a strong backup mechanism that enables you to restore files and services quickly with little if any damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around a remote interview with a Progent cybersecurity expert experienced in ransomware protection and repair. During this interview Progent will cooperate with your Buffalo network management staff to collect pertinent information concerning your cybersecurity configuration and backup processes. Progent will use this data to produce a Basic Security and Best Practices Report documenting how to apply best practices for implementing and managing your cybersecurity and backup systems to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital issues associated with ransomware defense and restoration recovery. The report addresses:
- Proper allocation and use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Optimal firewall configuration
- Safe RDP access
- Advice about AntiVirus (AV) filtering identification and deployment
The online interview process for the ProSight Ransomware Vulnerability Checkup service lasts about an hour for the average small business and requires more time for larger or more complicated environments. The report document features recommendations for enhancing your ability to ward off or clean up after a ransomware attack and Progent offers on-demand consulting services to assist you to create an efficient cybersecurity/data backup solution tailored to your specific needs.
- Split permission architecture for backup protection
- Backing up key servers such as AD
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or deletes a victim's files so they cannot be used or are publicized. Crypto-ransomware often locks the victim's computer. To avoid the damage, the target is required to pay a specified ransom, typically via a crypto currency like Bitcoin, within a brief time window. There is no guarantee that delivering the extortion price will recover the lost files or prevent its publication. Files can be altered or deleted throughout a network depending on the victim's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the compromised files. A common ransomware delivery package is spoofed email, in which the user is lured into interacting with by a social engineering technique known as spear phishing. This makes the email to look as though it came from a trusted sender. Another popular attack vector is a poorly secured RDP port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by different versions of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Notorious examples include WannaCry, and Petya. Current high-profile threats like Ryuk, Sodinokibi and CryptoWall are more sophisticated and have wreaked more damage than earlier versions. Even if your backup procedures allow you to recover your encrypted data, you can still be hurt by so-called exfiltration, where stolen data are made public (known as "doxxing"). Because new versions of ransomware crop up daily, there is no guarantee that conventional signature-based anti-virus tools will block the latest attack. If an attack does appear in an email, it is important that your end users have been taught to identify phishing techniques. Your ultimate defense is a solid scheme for performing and keeping offsite backups plus the deployment of reliable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Assessment in Buffalo
For pricing details and to learn more about how Progent's ProSight Ransomware Preparedness Assessment can enhance your defense against crypto-ransomware in Buffalo, call Progent at 800-462-8800 or see Contact Progent.