Ransomware has become the weapon of choice for the major cyber-crime organizations and rogue states, representing a possibly existential risk to businesses that are successfully attacked. The latest strains of ransomware go after everything, including backup, making even partial restoration a long and costly exercise. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Nephilim have emerged, displacing WannaCry, Cerber, and NotPetya in notoriety, sophistication, and destructiveness.
90% of ransomware penetrations are caused by innocent-looking emails with dangerous hyperlinks or attachments, and a high percentage are so-called "zero-day" variants that elude detection by legacy signature-matching antivirus filters. Although user training and frontline identification are important to protect your network against ransomware attacks, best practices dictate that you expect that some attacks will inevitably succeed and that you implement a strong backup solution that allows you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Assessment is an ultra-affordable service built around an online interview with a Progent security consultant skilled in ransomware protection and repair. During this interview Progent will cooperate with your Cabo Frio IT managers to gather pertinent information concerning your security setup and backup environment. Progent will use this data to generate a Basic Security and Best Practices Assessment detailing how to adhere to best practices for configuring and administering your security and backup solution to prevent or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on key issues related to crypto-ransomware prevention and restoration recovery. The report covers:
- Correct allocation and use of admin accounts
- Assigning NTFS (New Technology File System) and SMB authorizations
- Proper firewall configuration
- Safe Remote Desktop Protocol (RDP) connections
- Recommend AntiVirus (AV) tools identification and deployment
The remote interview for the ProSight Ransomware Preparedness Report service lasts about one hour for the average small company and longer for bigger or more complex environments. The written report features recommendations for improving your ability to ward off or clean up after a ransomware attack and Progent offers on-demand consulting services to help your business to create a cost-effective security/backup solution customized for your business needs.
- Split permission architecture for backup protection
- Backing up required servers including Active Directory
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a variety of malware that encrypts or deletes files so they are unusable or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To prevent the carnage, the victim is required to send a certain amount of money (the ransom), usually via a crypto currency such as Bitcoin, within a brief time window. It is never certain that paying the extortion price will recover the damaged files or avoid its publication. Files can be altered or deleted throughout a network depending on the victim's write permissions, and you cannot solve the military-grade encryption algorithms used on the hostage files. A typical ransomware attack vector is booby-trapped email, whereby the victim is tricked into responding to by means of a social engineering technique known as spear phishing. This makes the email to appear to come from a familiar source. Another common vulnerability is a poorly secured Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the new age of ransomware in 2013, and the damage caused by the many strains of ransomware is estimated at billions of dollars per year, more than doubling every other year. Famous examples are Locky, and Petya. Current high-profile threats like Ryuk, DoppelPaymer and Spora are more sophisticated and have caused more havoc than older versions. Even if your backup processes enable you to restore your encrypted files, you can still be threatened by exfiltration, where ransomed documents are exposed to the public. Because new versions of ransomware are launched every day, there is no guarantee that traditional signature-based anti-virus tools will block the latest attack. If threat does appear in an email, it is critical that your users have been taught to be aware of social engineering tricks. Your last line of defense is a sound process for scheduling and retaining remote backups and the use of reliable recovery platforms.
Contact Progent About the ProSight Ransomware Vulnerability Evaluation in Cabo Frio
For pricing details and to find out more about how Progent's ProSight Ransomware Readiness Evaluation can enhance your protection against crypto-ransomware in Cabo Frio, phone Progent at 800-993-9400 or see Contact Progent.