Ransomware has become the weapon of choice for cyber extortionists and rogue states, representing a possibly lethal threat to companies that fall victim. Current versions of ransomware target all vulnerable resources, including online backup, making even partial restoration a complex and expensive exercise. New versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, LockBit and Nephilim have made the headlines, displacing Locky, Cerber, and CryptoWall in prominence, elaborateness, and destructiveness.
90% of crypto-ransomware breaches come from innocuous-seeming emails that have malicious hyperlinks or attachments, and a high percentage are "zero-day" strains that can escape the defenses of traditional signature-based antivirus (AV) filters. While user education and up-front identification are critical to defend against ransomware attacks, leading practices demand that you assume some attacks will inevitably succeed and that you prepare a strong backup mechanism that allows you to repair the damage rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service centered around an online interview with a Progent security expert experienced in ransomware protection and recovery. During this interview Progent will collaborate with your Centennial IT managers to gather critical data concerning your cybersecurity setup and backup environment. Progent will utilize this information to generate a Basic Security and Best Practices Assessment detailing how to follow leading practices for implementing and managing your cybersecurity and backup systems to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on vital areas associated with crypto-ransomware defense and restoration recovery. The report covers:
Ransomware is a type of malware that encrypts or steals files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To avoid the carnage, the target is required to send a certain amount of money (the ransom), usually in the form of a crypto currency like Bitcoin, within a brief time window. It is not guaranteed that delivering the extortion price will recover the damaged files or prevent its exposure to the public. Files can be encrypted or erased throughout a network depending on the victim's write permissions, and you cannot reverse engineer the strong encryption algorithms used on the hostage files. A typical ransomware delivery package is booby-trapped email, in which the target is tricked into interacting with by means of a social engineering technique called spear phishing. This makes the email message to look as though it came from a trusted source. Another popular attack vector is a poorly secured RDP port.
The ransomware variant CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses caused by the many strains of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Notorious examples are Locky, and Petya. Recent high-profile threats like Ryuk, DoppelPaymer and CryptoWall are more sophisticated and have wreaked more havoc than older strains. Even if your backup processes enable you to restore your ransomed files, you can still be threatened by so-called exfiltration, where ransomed data are exposed to the public (known as "doxxing"). Because new variants of ransomware crop up every day, there is no guarantee that traditional signature-based anti-virus tools will detect the latest malware. If threat does appear in an email, it is important that your end users have learned to identify social engineering tricks. Your ultimate protection is a solid process for scheduling and retaining remote backups plus the deployment of reliable restoration platforms.
Contact Progent About the ProSight Ransomware Vulnerability Testing in Centennial
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Review can enhance your protection against crypto-ransomware in Centennial, phone Progent at