Ransomware has been weaponized by cybercriminals and rogue states, representing a potentially existential risk to businesses that fall victim. Modern variations of ransomware target everything, including backup, making even selective restoration a long and expensive process. Novel strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Nephilim have emerged, replacing Locky, Spora, and Petya in prominence, elaborateness, and destructiveness.
Most crypto-ransomware penetrations come from innocuous-looking emails that have dangerous links or file attachments, and a high percentage are "zero-day" strains that elude the defenses of traditional signature-based antivirus tools. Although user education and up-front detection are critical to protect against ransomware, leading practices demand that you take for granted some attacks will inevitably succeed and that you deploy a solid backup mechanism that allows you to recover quickly with minimal losses.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service centered around an online discussion with a Progent security expert experienced in ransomware defense and repair. In the course of this assessment Progent will work with your Cabo Frio network managers to collect critical data about your security configuration and backup environment. Progent will utilize this information to generate a Basic Security and Best Practices Report documenting how to follow best practices for implementing and administering your security and backup systems to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital areas associated with ransomware defense and restoration recovery. The review covers:
- Proper use of administration accounts
- Appropriate NTFS and SMB permissions
- Optimal firewall settings
- Safe Remote Desktop Protocol (RDP) configuration
- Guidance for AntiVirus tools identification and deployment
The online interview process for the ProSight Ransomware Vulnerability Checkup service takes about one hour for a typical small company and longer for larger or more complicated IT environments. The written report includes recommendations for improving your ability to ward off or clean up after a ransomware attack and Progent offers as-needed expertise to help your business to create an efficient security/backup system customized for your business needs.
- Split permission architecture for backup integrity
- Protecting critical servers including Active Directory
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a variety of malware that encrypts or deletes files so they are unusable or are made publicly available. Ransomware often locks the victim's computer. To avoid the carnage, the victim is required to send a certain ransom, usually in the form of a crypto currency such as Bitcoin, within a brief period of time. There is no guarantee that paying the extortion price will recover the damaged data or prevent its exposure to the public. Files can be encrypted or erased throughout a network based on the target's write permissions, and you cannot break the strong encryption algorithms used on the compromised files. A common ransomware attack vector is spoofed email, in which the victim is tricked into interacting with by means of a social engineering technique known as spear phishing. This makes the email message to appear to come from a familiar sender. Another popular attack vector is a poorly secured Remote Desktop Protocol (RDP) port.
CryptoLocker opened the new age of ransomware in 2013, and the damage attributed to by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Notorious examples are Locky, and NotPetya. Recent high-profile threats like Ryuk, DoppelPaymer and CryptoWall are more elaborate and have caused more havoc than older versions. Even if your backup processes enable you to recover your ransomed files, you can still be hurt by exfiltration, where ransomed documents are exposed to the public (known as "doxxing"). Because new versions of ransomware crop up daily, there is no guarantee that conventional signature-based anti-virus filters will block the latest malware. If an attack does appear in an email, it is critical that your users have learned to identify social engineering tricks. Your ultimate defense is a solid process for scheduling and keeping remote backups plus the deployment of dependable restoration platforms.
Contact Progent About the ProSight Crypto-Ransomware Vulnerability Evaluation in Cabo Frio
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Checkup can bolster your protection against crypto-ransomware in Cabo Frio, call Progent at 800-462-8800 or see Contact Progent.