Ransomware has been weaponized by the major cyber-crime organizations and rogue states, representing a potentially lethal risk to companies that are victimized. The latest variations of crypto-ransomware go after all vulnerable resources, including backup, making even selective restoration a complex and costly process. Novel variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Egregor have emerged, replacing Locky, TeslaCrypt, and Petya in notoriety, sophistication, and destructive impact.
Most crypto-ransomware breaches are caused by innocuous-seeming emails that include dangerous hyperlinks or attachments, and a high percentage are "zero-day" strains that can escape the defenses of legacy signature-based antivirus filters. Although user training and frontline identification are critical to defend against ransomware, leading practices dictate that you take for granted some malware will inevitably succeed and that you deploy a solid backup mechanism that allows you to repair the damage rapidly with minimal damage.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service built around a remote interview with a Progent security consultant experienced in ransomware defense and repair. During this interview Progent will collaborate with your Campinas network managers to gather pertinent data concerning your security profile and backup processes. Progent will use this information to produce a Basic Security and Best Practices Assessment detailing how to adhere to leading practices for configuring and administering your cybersecurity and backup systems to prevent or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report highlights key areas associated with crypto-ransomware prevention and restoration recovery. The report covers:
- Correct use of administration accounts
- Assigning NTFS and SMB authorizations
- Optimal firewall configuration
- Safe Remote Desktop Protocol configuration
- Recommend AntiVirus filtering identification and configuration
The online interview process included with the ProSight Ransomware Preparedness Checkup service lasts about an hour for a typical small business and longer for bigger or more complex environments. The report document includes suggestions for improving your ability to ward off or recover from a ransomware incident and Progent can provide as-needed consulting services to help you and your IT staff to create a cost-effective cybersecurity/data backup system tailored to your specific needs.
- Split permission model for backup protection
- Backing up required servers including AD
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or deletes a victim's files so they cannot be used or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the damage, the victim is required to pay a certain amount of money, usually via a crypto currency like Bitcoin, within a brief time window. There is no guarantee that delivering the ransom will restore the lost data or avoid its publication. Files can be encrypted or deleted across a network depending on the target's write permissions, and you cannot solve the strong encryption algorithms used on the hostage files. A common ransomware attack vector is spoofed email, whereby the target is lured into interacting with by a social engineering technique called spear phishing. This makes the email message to appear to come from a familiar sender. Another popular attack vector is a poorly protected RDP port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the damage caused by the many versions of ransomware is estimated at billions of dollars per year, more than doubling every two years. Famous attacks include WannaCry, and Petya. Current headline threats like Ryuk, Sodinokibi and Spora are more elaborate and have caused more damage than earlier versions. Even if your backup processes enable your business to restore your encrypted data, you can still be hurt by so-called exfiltration, where ransomed documents are made public. Because additional versions of ransomware are launched every day, there is no certainty that conventional signature-matching anti-virus tools will detect a new attack. If an attack does appear in an email, it is critical that your users have been taught to be aware of social engineering techniques. Your ultimate protection is a sound process for performing and keeping offsite backups and the deployment of dependable recovery tools.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Audit in Campinas
For pricing details and to learn more about how Progent's ProSight Ransomware Vulnerability Assessment can enhance your protection against crypto-ransomware in Campinas, phone Progent at 800-993-9400 or see Contact Progent.