Ransomware has been widely adopted by cyber extortionists and malicious states, posing a possibly lethal risk to businesses that are breached. Current versions of ransomware go after everything, including online backup, making even partial recovery a complex and costly exercise. Novel strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Egregor have made the headlines, replacing WannaCry, Spora, and NotPetya in notoriety, sophistication, and destructiveness.
Most ransomware infections are the result of innocuous-looking emails that have malicious hyperlinks or attachments, and a high percentage are so-called "zero-day" variants that elude detection by traditional signature-based antivirus filters. While user education and up-front detection are important to protect against ransomware, best practices demand that you assume some attacks will eventually get through and that you implement a solid backup mechanism that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around a remote discussion with a Progent security expert skilled in ransomware defense and recovery. In the course of this interview Progent will cooperate with your Carlsbad network management staff to collect pertinent information about your security configuration and backup environment. Progent will utilize this information to produce a Basic Security and Best Practices Assessment detailing how to apply best practices for implementing and managing your cybersecurity and backup systems to block or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report focuses on key issues related to crypto-ransomware prevention and restoration recovery. The review addresses:
- Proper use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Proper firewall configuration
- Secure Remote Desktop Protocol configuration
- Recommend AntiVirus (AV) tools identification and deployment
The online interview process for the ProSight Ransomware Preparedness Checkup service lasts about an hour for a typical small company and longer for bigger or more complicated IT environments. The written report features suggestions for enhancing your ability to block or clean up after a ransomware incident and Progent offers on-demand expertise to help you to create an efficient cybersecurity/backup solution tailored to your specific requirements.
- Split permission model for backup integrity
- Backing up critical servers including AD
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a type of malware that encrypts or steals a victim's files so they are unusable or are publicized. Ransomware sometimes locks the target's computer. To prevent the damage, the victim is required to send a specified amount of money (the ransom), typically in the form of a crypto currency like Bitcoin, within a brief period of time. It is not guaranteed that paying the extortion price will restore the damaged data or prevent its exposure to the public. Files can be altered or deleted throughout a network based on the target's write permissions, and you cannot solve the strong encryption algorithms used on the hostage files. A common ransomware delivery package is booby-trapped email, in which the target is tricked into responding to by means of a social engineering technique called spear phishing. This makes the email to appear to come from a familiar sender. Another common attack vector is an improperly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the modern era of ransomware in 2013, and the damage caused by the many strains of ransomware is estimated at billions of dollars annually, roughly doubling every two years. Famous attacks are WannaCry, and NotPetya. Current headline threats like Ryuk, DoppelPaymer and Spora are more complex and have wreaked more damage than earlier versions. Even if your backup/recovery processes permit your business to restore your ransomed data, you can still be hurt by so-called exfiltration, where stolen documents are exposed to the public. Because new versions of ransomware are launched daily, there is no guarantee that traditional signature-matching anti-virus tools will block a new malware. If threat does appear in an email, it is critical that your end users have learned to identify phishing techniques. Your last line of protection is a sound process for scheduling and retaining remote backups and the deployment of reliable restoration platforms.
Contact Progent About the ProSight Ransomware Readiness Checkup in Carlsbad
For pricing details and to find out more about how Progent's ProSight Ransomware Susceptibility Testing can enhance your protection against crypto-ransomware in Carlsbad, call Progent at 800-993-9400 or visit Contact Progent.