Ransomware has been widely adopted by cyber extortionists and malicious states, posing a potentially existential risk to companies that fall victim. The latest strains of crypto-ransomware go after all vulnerable resources, including online backup, making even partial restoration a challenging and expensive exercise. New strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Nephilim have made the headlines, replacing Locky, Cerber, and CryptoWall in prominence, sophistication, and destructive impact.
Most crypto-ransomware breaches are caused by innocuous-seeming emails with dangerous links or file attachments, and a high percentage are "zero-day" attacks that elude detection by traditional signature-based antivirus tools. While user training and up-front identification are important to defend your network against ransomware attacks, leading practices dictate that you assume some attacks will inevitably get through and that you prepare a strong backup solution that allows you to repair the damage quickly with little if any losses.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an online discussion with a Progent security consultant skilled in ransomware defense and repair. In the course of this assessment Progent will collaborate directly with your Cabo Frio network managers to collect pertinent information about your security profile and backup processes. Progent will use this information to produce a Basic Security and Best Practices Assessment detailing how to follow leading practices for implementing and administering your cybersecurity and backup systems to block or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital areas associated with ransomware prevention and restoration recovery. The report addresses:
- Effective allocation and use of administration accounts
- Appropriate NTFS and SMB permissions
- Optimal firewall configuration
- Secure RDP configuration
- Guidance for AntiVirus (AV) filtering identification and deployment
The remote interview process for the ProSight Ransomware Vulnerability Report service lasts about an hour for a typical small business network and requires more time for bigger or more complicated IT environments. The report document includes suggestions for enhancing your ability to ward off or clean up after a ransomware assault and Progent can provide on-demand consulting services to help you to create an efficient cybersecurity/backup system tailored to your specific requirements.
- Split permission architecture for backup protection
- Backing up required servers including AD
- Offsite backups including cloud backup to Azure
Ransomware is a form of malicious software that encrypts or steals a victim's files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To avoid the carnage, the victim is asked to pay a specified amount of money, typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will recover the lost data or avoid its exposure to the public. Files can be encrypted or erased throughout a network depending on the victim's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A common ransomware attack vector is tainted email, in which the victim is lured into interacting with by a social engineering technique known as spear phishing. This causes the email to appear to come from a familiar sender. Another common attack vector is a poorly secured RDP port.
The ransomware variant CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses caused by the many versions of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Notorious examples are Locky, and Petya. Recent headline threats like Ryuk, Maze and TeslaCrypt are more sophisticated and have caused more havoc than older versions. Even if your backup processes allow your business to restore your ransomed data, you can still be hurt by so-called exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because additional versions of ransomware crop up every day, there is no certainty that conventional signature-based anti-virus filters will detect the latest malware. If an attack does show up in an email, it is critical that your users have been taught to be aware of phishing techniques. Your last line of defense is a solid scheme for performing and retaining remote backups and the use of dependable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Review in Cabo Frio
For pricing details and to find out more about how Progent's ProSight Ransomware Readiness Consultation can bolster your protection against crypto-ransomware in Cabo Frio, call Progent at 800-462-8800 or see Contact Progent.