Ransomware has become the weapon of choice for cybercriminals and bad-actor states, representing a possibly existential threat to businesses that are successfully attacked. The latest strains of crypto-ransomware target everything, including backup, making even selective recovery a long and costly exercise. Novel versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have emerged, replacing Locky, Spora, and CryptoWall in notoriety, elaborateness, and destructiveness.
90% of ransomware infections are the result of innocent-looking emails that have malicious hyperlinks or attachments, and a high percentage are so-called "zero-day" strains that elude the defenses of legacy signature-based antivirus filters. Although user education and up-front detection are important to protect your network against ransomware, leading practices dictate that you expect that some attacks will eventually succeed and that you put in place a solid backup solution that enables you to restore files and services quickly with little if any damage.
Progent's ProSight Ransomware Preparedness Report is a low-cost service built around a remote discussion with a Progent cybersecurity consultant skilled in ransomware defense and repair. In the course of this assessment Progent will work directly with your Charleston IT managers to collect pertinent information about your cybersecurity configuration and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Assessment detailing how to apply leading practices for implementing and managing your cybersecurity and backup solution to block or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key areas related to crypto-ransomware prevention and restoration recovery. The report covers:
- Correct use of admin accounts
- Assigning NTFS (New Technology File System) and SMB authorizations
- Proper firewall settings
- Secure Remote Desktop Protocol (RDP) connections
- Advice about AntiVirus (AV) tools identification and deployment
The remote interview included with the ProSight Ransomware Preparedness Checkup service takes about an hour for a typical small company and requires more time for bigger or more complicated IT environments. The written report contains recommendations for improving your ability to block or recover from a ransomware assault and Progent can provide as-needed expertise to help you and your IT staff to create a cost-effective cybersecurity/data backup system tailored to your specific needs.
- Split permission model for backup integrity
- Protecting key servers including Active Directory
- Offsite backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or steals files so they are unusable or are made publicly available. Ransomware often locks the target's computer. To avoid the damage, the victim is asked to send a specified ransom, typically in the form of a crypto currency such as Bitcoin, within a short period of time. It is not guaranteed that paying the ransom will recover the damaged data or avoid its publication. Files can be encrypted or erased throughout a network depending on the target's write permissions, and you cannot solve the strong encryption technologies used on the compromised files. A typical ransomware attack vector is spoofed email, whereby the victim is lured into responding to by a social engineering exploit called spear phishing. This makes the email message to appear to come from a familiar sender. Another common attack vector is an improperly secured Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses caused by different strains of ransomware is said to be billions of dollars per year, roughly doubling every other year. Famous attacks are Locky, and Petya. Current high-profile threats like Ryuk, DoppelPaymer and Spora are more sophisticated and have wreaked more damage than earlier versions. Even if your backup/recovery processes enable you to restore your encrypted data, you can still be hurt by exfiltration, where stolen data are made public. Because additional variants of ransomware are launched every day, there is no certainty that traditional signature-matching anti-virus tools will detect the latest attack. If an attack does appear in an email, it is important that your users have been taught to be aware of phishing techniques. Your last line of defense is a solid scheme for scheduling and retaining remote backups plus the use of dependable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Readiness Audit in Charleston
For pricing details and to learn more about how Progent's ProSight Ransomware Susceptibility Review can bolster your defense against crypto-ransomware in Charleston, call Progent at 800-462-8800 or see Contact Progent.