Ransomware has been weaponized by the major cyber-crime organizations and bad-actor governments, posing a potentially lethal risk to businesses that fall victim. Modern versions of ransomware go after all vulnerable resources, including backup, making even partial recovery a complex and expensive exercise. New strains of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Nephilim have made the headlines, displacing Locky, TeslaCrypt, and CryptoWall in prominence, elaborateness, and destructiveness.
90% of crypto-ransomware penetrations are caused by innocuous-looking emails that have malicious hyperlinks or attachments, and a high percentage are "zero-day" strains that elude the defenses of legacy signature-based antivirus filters. Although user training and up-front identification are important to protect against ransomware, leading practices dictate that you assume some malware will inevitably succeed and that you deploy a strong backup solution that permits you to restore files and services quickly with little if any damage.
Progent's ProSight Ransomware Preparedness Checkup is a low-cost service centered around a remote discussion with a Progent security expert skilled in ransomware protection and recovery. In the course of this assessment Progent will work directly with your Carlsbad IT management staff to gather critical data about your security setup and backup processes. Progent will use this information to produce a Basic Security and Best Practices Report documenting how to adhere to best practices for implementing and administering your cybersecurity and backup solution to block or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key issues related to ransomware defense and restoration recovery. The report addresses:
- Correct use of admin accounts
- Appropriate NTFS and SMB (Server Message Block) authorizations
- Proper firewall settings
- Secure Remote Desktop Protocol (RDP) configuration
- Guidance for AntiVirus filtering identification and deployment
The remote interview process included with the ProSight Ransomware Preparedness Assessment service takes about an hour for the average small company and longer for larger or more complex environments. The report document contains suggestions for enhancing your ability to ward off or recover from a ransomware incident and Progent can provide on-demand expertise to help you to create an efficient cybersecurity/backup system customized for your business needs.
- Split permission model for backup integrity
- Backing up critical servers including Active Directory
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a variety of malicious software that encrypts or deletes a victim's files so they cannot be used or are publicized. Ransomware often locks the victim's computer. To prevent the carnage, the target is required to pay a certain amount of money (the ransom), typically in the form of a crypto currency such as Bitcoin, within a brief period of time. There is no guarantee that paying the ransom will restore the lost data or avoid its publication. Files can be altered or erased throughout a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the compromised files. A typical ransomware attack vector is spoofed email, in which the victim is lured into interacting with by a social engineering exploit called spear phishing. This causes the email to look as though it came from a familiar source. Another common vulnerability is a poorly protected RDP port.
The ransomware variant CryptoLocker opened the new age of crypto-ransomware in 2013, and the damage attributed to by the many versions of ransomware is estimated at billions of dollars annually, more than doubling every other year. Notorious attacks include WannaCry, and Petya. Recent headline threats like Ryuk, Maze and TeslaCrypt are more complex and have caused more damage than older versions. Even if your backup procedures permit your business to recover your encrypted data, you can still be threatened by exfiltration, where stolen documents are exposed to the public (known as "doxxing"). Because new versions of ransomware are launched every day, there is no guarantee that traditional signature-matching anti-virus tools will block a new attack. If an attack does appear in an email, it is critical that your users have learned to be aware of phishing tricks. Your last line of defense is a sound scheme for performing and keeping offsite backups plus the deployment of dependable recovery platforms.
Ask Progent About the ProSight Crypto-Ransomware Readiness Review in Carlsbad
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Evaluation can enhance your defense against crypto-ransomware in Carlsbad, call Progent at 800-462-8800 or see Contact Progent.