Ransomware has become the weapon of choice for cyber extortionists and bad-actor states, posing a potentially existential risk to companies that fall victim. Current variations of ransomware go after all vulnerable resources, including online backup, making even selective recovery a challenging and costly exercise. Novel strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Nephilim have made the headlines, displacing Locky, TeslaCrypt, and CryptoWall in notoriety, sophistication, and destructiveness.
90% of ransomware infections come from innocuous-seeming emails that have dangerous hyperlinks or attachments, and a high percentage are so-called "zero-day" variants that elude the defenses of traditional signature-based antivirus tools. Although user training and up-front identification are critical to protect your network against ransomware attacks, leading practices dictate that you assume some malware will eventually succeed and that you implement a strong backup solution that allows you to restore files and services rapidly with minimal damage.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service centered around a remote interview with a Progent cybersecurity consultant skilled in ransomware defense and recovery. During this assessment Progent will cooperate directly with your Carlsbad network managers to collect critical data about your cybersecurity setup and backup environment. Progent will use this information to create a Basic Security and Best Practices Assessment detailing how to apply leading practices for configuring and managing your cybersecurity and backup solution to block or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment focuses on vital areas associated with ransomware defense and restoration recovery. The report addresses:
- Proper use of administration accounts
- Appropriate NTFS and SMB (Server Message Block) authorizations
- Optimal firewall settings
- Safe Remote Desktop Protocol (RDP) connections
- Guidance for AntiVirus (AV) tools identification and configuration
The online interview process for the ProSight Ransomware Preparedness Report service lasts about one hour for the average small business network and longer for larger or more complicated IT environments. The written report contains suggestions for improving your ability to ward off or clean up after a ransomware incident and Progent can provide as-needed expertise to assist you and your IT staff to create an efficient cybersecurity/backup solution customized for your business needs.
- Split permission architecture for backup protection
- Backing up critical servers including AD
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or steals a victim's files so they are unusable or are made publicly available. Ransomware sometimes locks the victim's computer. To avoid the carnage, the target is asked to pay a certain ransom, typically in the form of a crypto currency such as Bitcoin, within a brief time window. It is not guaranteed that paying the ransom will recover the lost data or avoid its publication. Files can be encrypted or deleted across a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the hostage files. A typical ransomware delivery package is tainted email, in which the user is tricked into responding to by means of a social engineering exploit called spear phishing. This makes the email message to appear to come from a familiar source. Another popular attack vector is a poorly protected RDP port.
The ransomware variant CryptoLocker opened the new age of ransomware in 2013, and the damage caused by the many versions of ransomware is said to be billions of dollars annually, roughly doubling every other year. Notorious attacks include WannaCry, and Petya. Recent high-profile variants like Ryuk, Sodinokibi and Spora are more complex and have wreaked more damage than older strains. Even if your backup procedures allow your business to recover your encrypted files, you can still be threatened by exfiltration, where ransomed data are made public (known as "doxxing"). Because new variants of ransomware crop up every day, there is no certainty that conventional signature-matching anti-virus filters will detect the latest malware. If threat does show up in an email, it is important that your end users have learned to identify phishing tricks. Your ultimate protection is a sound process for performing and retaining offsite backups plus the use of dependable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Consultation in Carlsbad
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Susceptibility Checkup can enhance your protection against ransomware in Carlsbad, call Progent at 800-462-8800 or see Contact Progent.