Ransomware has been weaponized by the major cyber-crime organizations and bad-actor states, representing a possibly existential threat to businesses that fall victim. The latest variations of ransomware target everything, including online backup, making even partial recovery a challenging and costly exercise. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Nephilim have emerged, displacing Locky, TeslaCrypt, and Petya in prominence, sophistication, and destructiveness.
Most crypto-ransomware infections are the result of innocent-seeming emails that have malicious links or attachments, and many are so-called "zero-day" attacks that can escape the defenses of legacy signature-based antivirus filters. Although user training and frontline identification are important to defend your network against ransomware, leading practices dictate that you assume some malware will eventually succeed and that you implement a strong backup solution that permits you to repair the damage rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Assessment is a low-cost service built around an online interview with a Progent security expert skilled in ransomware defense and recovery. In the course of this interview Progent will collaborate with your Centennial network management staff to gather pertinent data concerning your cybersecurity setup and backup processes. Progent will use this information to create a Basic Security and Best Practices Report detailing how to adhere to best practices for implementing and administering your cybersecurity and backup systems to prevent or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on key issues associated with ransomware defense and restoration recovery. The review addresses:
Security
About Ransomware
Ransomware is a form of malware that encrypts or steals files so they cannot be used or are publicized. Ransomware often locks the target's computer. To prevent the carnage, the victim is required to pay a certain ransom, typically in the form of a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will recover the lost data or avoid its publication. Files can be encrypted or deleted throughout a network depending on the victim's write permissions, and you cannot reverse engineer the strong encryption technologies used on the compromised files. A common ransomware delivery package is spoofed email, whereby the target is tricked into responding to by means of a social engineering technique known as spear phishing. This makes the email message to look as though it came from a trusted source. Another popular vulnerability is a poorly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the damage attributed to by different versions of ransomware is said to be billions of dollars annually, more than doubling every two years. Famous attacks include Locky, and NotPetya. Current high-profile variants like Ryuk, Sodinokibi and CryptoWall are more sophisticated and have wreaked more damage than earlier strains. Even if your backup processes enable you to restore your encrypted data, you can still be hurt by so-called exfiltration, where ransomed data are made public. Because additional versions of ransomware are launched daily, there is no certainty that traditional signature-based anti-virus filters will block a new attack. If an attack does appear in an email, it is important that your end users have learned to identify phishing techniques. Your ultimate defense is a sound scheme for scheduling and retaining remote backups plus the deployment of reliable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Susceptibility Assessment in Centennial
For pricing details and to find out more about how Progent's ProSight Ransomware Readiness Audit can bolster your defense against ransomware in Centennial, call Progent at