Ransomware has become the weapon of choice for cyber extortionists and bad-actor states, representing a potentially existential threat to businesses that fall victim. Current strains of ransomware go after everything, including online backup, making even selective recovery a challenging and costly process. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Nephilim have made the headlines, replacing WannaCry, Spora, and CryptoWall in notoriety, sophistication, and destructiveness.
90% of ransomware breaches are the result of innocent-looking emails with malicious hyperlinks or file attachments, and a high percentage are so-called "zero-day" strains that elude the defenses of legacy signature-matching antivirus (AV) tools. While user training and frontline identification are important to protect your network against ransomware attacks, best practices demand that you assume some attacks will inevitably succeed and that you implement a solid backup mechanism that enables you to repair the damage quickly with little if any losses.
Progent's ProSight Ransomware Preparedness Report is a low-cost service built around a remote discussion with a Progent cybersecurity expert skilled in ransomware defense and repair. In the course of this interview Progent will cooperate with your Campinas IT managers to gather critical information about your security posture and backup processes. Progent will use this data to create a Basic Security and Best Practices Report documenting how to follow leading practices for configuring and managing your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report focuses on vital issues associated with ransomware defense and restoration recovery. The report addresses:
- Proper use of administration accounts
- Correct NTFS and SMB (Server Message Block) permissions
- Proper firewall settings
- Safe RDP connections
- Recommend AntiVirus (AV) filtering identification and deployment
The remote interview process included with the ProSight Ransomware Preparedness Report service lasts about an hour for a typical small business and longer for larger or more complex IT environments. The written report contains suggestions for enhancing your ability to ward off or recover from a ransomware incident and Progent can provide on-demand expertise to help you and your IT staff to create an efficient cybersecurity/data backup solution tailored to your business requirements.
- Split permission architecture for backup protection
- Protecting required servers such as Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or deletes files so they cannot be used or are publicized. Ransomware sometimes locks the victim's computer. To avoid the damage, the victim is asked to pay a specified amount of money (the ransom), typically in the form of a crypto currency like Bitcoin, within a brief period of time. It is not guaranteed that delivering the extortion price will recover the damaged files or prevent its exposure to the public. Files can be encrypted or erased throughout a network depending on the target's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the compromised files. A typical ransomware attack vector is tainted email, whereby the user is tricked into responding to by means of a social engineering technique known as spear phishing. This makes the email message to look as though it came from a trusted sender. Another popular attack vector is an improperly secured Remote Desktop Protocol port.
CryptoLocker ushered in the modern era of ransomware in 2013, and the monetary losses attributed to by different strains of ransomware is estimated at billions of dollars per year, more than doubling every two years. Famous examples include WannaCry, and Petya. Recent high-profile variants like Ryuk, Maze and TeslaCrypt are more sophisticated and have wreaked more havoc than earlier strains. Even if your backup/recovery procedures enable you to restore your encrypted files, you can still be threatened by so-called exfiltration, where ransomed data are made public. Because new versions of ransomware crop up daily, there is no certainty that conventional signature-matching anti-virus tools will detect the latest malware. If threat does appear in an email, it is important that your end users have been taught to be aware of phishing techniques. Your last line of protection is a solid process for performing and retaining remote backups plus the use of reliable recovery tools.
Contact Progent About the ProSight Ransomware Readiness Assessment in Campinas
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Vulnerability Report can bolster your protection against ransomware in Campinas, phone Progent at 800-462-8800 or see Contact Progent.