Ransomware has become the weapon of choice for cyber extortionists and rogue governments, posing a potentially lethal risk to companies that are victimized. Modern variations of ransomware go after everything, including online backup, making even partial restoration a complex and costly exercise. New variations of ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Nephilim have emerged, replacing WannaCry, Spora, and NotPetya in notoriety, sophistication, and destructive impact.
Most crypto-ransomware penetrations come from innocuous-seeming emails that have malicious links or attachments, and many are "zero-day" variants that elude detection by legacy signature-matching antivirus (AV) tools. Although user training and frontline detection are critical to defend your network against ransomware attacks, best practices demand that you expect that some malware will eventually get through and that you deploy a strong backup mechanism that permits you to restore files and services quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service built around an online interview with a Progent cybersecurity expert skilled in ransomware defense and recovery. In the course of this assessment Progent will collaborate directly with your Chandler IT managers to collect critical data about your security setup and backup processes. Progent will use this data to create a Basic Security and Best Practices Report documenting how to apply leading practices for configuring and managing your security and backup solution to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Report highlights vital areas related to crypto-ransomware defense and restoration recovery. The review covers:
Cybersecurity
About Ransomware
Ransomware is a type of malicious software that encrypts or steals files so they are unusable or are made publicly available. Ransomware often locks the victim's computer. To avoid the carnage, the target is required to pay a certain amount of money, usually via a crypto currency like Bitcoin, within a brief time window. It is never certain that paying the ransom will recover the damaged files or prevent its exposure to the public. Files can be encrypted or erased throughout a network depending on the target's write permissions, and you cannot solve the strong encryption algorithms used on the hostage files. A typical ransomware attack vector is spoofed email, whereby the target is tricked into responding to by a social engineering exploit called spear phishing. This makes the email to look as though it came from a familiar source. Another popular attack vector is an improperly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by different versions of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Notorious examples include WannaCry, and Petya. Recent high-profile variants like Ryuk, Sodinokibi and CryptoWall are more sophisticated and have wreaked more havoc than earlier strains. Even if your backup/recovery procedures enable your business to recover your encrypted data, you can still be threatened by so-called exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because additional variants of ransomware crop up every day, there is no certainty that traditional signature-based anti-virus tools will block a new attack. If threat does appear in an email, it is important that your end users have been taught to be aware of social engineering techniques. Your ultimate defense is a solid scheme for scheduling and keeping offsite backups plus the deployment of reliable recovery platforms.
Ask Progent About the ProSight Crypto-Ransomware Preparedness Testing in Chandler
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Audit can enhance your protection against ransomware in Chandler, call Progent at