Ransomware has been widely adopted by cybercriminals and rogue states, representing a possibly existential threat to companies that are successfully attacked. Modern variations of ransomware go after everything, including backup, making even selective restoration a challenging and expensive process. Novel versions of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Nephilim have emerged, displacing Locky, Spora, and NotPetya in notoriety, elaborateness, and destructive impact.
Most ransomware penetrations are the result of innocent-seeming emails with dangerous links or attachments, and a high percentage are "zero-day" variants that can escape the defenses of legacy signature-matching antivirus (AV) filters. While user training and up-front detection are important to protect against ransomware, best practices dictate that you expect that some attacks will eventually succeed and that you deploy a strong backup mechanism that enables you to repair the damage quickly with minimal damage.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service centered around a remote discussion with a Progent security expert skilled in ransomware defense and repair. In the course of this assessment Progent will work with your Centennial IT management staff to collect pertinent information about your cybersecurity posture and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Report detailing how to adhere to best practices for implementing and managing your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights key issues related to ransomware prevention and restoration recovery. The review covers:
Security
About Ransomware
Ransomware is a type of malicious software that encrypts or steals files so they cannot be used or are publicized. Ransomware sometimes locks the victim's computer. To prevent the carnage, the target is required to pay a certain amount of money, typically via a crypto currency like Bitcoin, within a brief period of time. There is no guarantee that paying the extortion price will recover the damaged data or prevent its exposure to the public. Files can be altered or erased across a network based on the target's write permissions, and you cannot break the strong encryption algorithms used on the hostage files. A common ransomware attack vector is booby-trapped email, whereby the target is tricked into interacting with by a social engineering technique known as spear phishing. This makes the email message to look as though it came from a familiar sender. Another common vulnerability is a poorly secured Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses caused by different strains of ransomware is said to be billions of dollars annually, more than doubling every two years. Notorious examples are WannaCry, and NotPetya. Current high-profile variants like Ryuk, Maze and TeslaCrypt are more complex and have wreaked more damage than earlier versions. Even if your backup processes allow you to restore your encrypted data, you can still be threatened by exfiltration, where stolen data are made public. Because additional versions of ransomware are launched daily, there is no certainty that conventional signature-based anti-virus filters will block the latest attack. If an attack does show up in an email, it is important that your users have learned to identify social engineering techniques. Your ultimate protection is a solid process for performing and retaining offsite backups plus the use of reliable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Evaluation in Centennial
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Audit can enhance your defense against crypto-ransomware in Centennial, phone Progent at