Ransomware has become the weapon of choice for cybercriminals and malicious governments, representing a potentially lethal threat to businesses that are victimized. The latest versions of ransomware target all vulnerable resources, including backup, making even partial restoration a long and costly exercise. New strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Egregor have emerged, replacing Locky, Spora, and Petya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections are the result of innocuous-looking emails with dangerous links or file attachments, and many are "zero-day" variants that elude detection by traditional signature-matching antivirus (AV) filters. While user training and up-front identification are critical to defend your network against ransomware, leading practices dictate that you assume some attacks will eventually get through and that you prepare a strong backup solution that allows you to repair the damage rapidly with little if any damage.
Progent's ProSight Ransomware Vulnerability Assessment is a low-cost service centered around an online interview with a Progent security consultant experienced in ransomware protection and repair. In the course of this assessment Progent will collaborate directly with your Charleston IT managers to collect pertinent data about your security profile and backup environment. Progent will use this data to generate a Basic Security and Best Practices Assessment detailing how to follow best practices for configuring and managing your security and backup solution to block or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital issues associated with ransomware defense and restoration recovery. The report addresses:
- Proper allocation and use of admin accounts
- Correct NTFS and SMB (Server Message Block) permissions
- Optimal firewall configuration
- Secure Remote Desktop Protocol connections
- Recommend AntiVirus (AV) tools selection and configuration
The online interview for the ProSight Ransomware Preparedness Checkup service takes about one hour for a typical small business and longer for bigger or more complex environments. The written report features suggestions for improving your ability to block or clean up after a ransomware incident and Progent offers as-needed consulting services to help you and your IT staff to design and deploy a cost-effective security/data backup system customized for your business requirements.
- Split permission architecture for backup protection
- Protecting required servers such as Active Directory
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or steals a victim's files so they are unusable or are publicized. Ransomware often locks the target's computer. To prevent the carnage, the target is required to send a specified ransom, typically in the form of a crypto currency like Bitcoin, within a short time window. There is no guarantee that delivering the extortion price will recover the damaged data or avoid its exposure to the public. Files can be encrypted or deleted throughout a network depending on the target's write permissions, and you cannot break the military-grade encryption algorithms used on the hostage files. A typical ransomware delivery package is tainted email, in which the victim is lured into responding to by a social engineering exploit called spear phishing. This makes the email to appear to come from a familiar sender. Another popular vulnerability is an improperly secured RDP port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses attributed to by the many versions of ransomware is estimated at billions of dollars annually, more than doubling every other year. Famous attacks include Locky, and NotPetya. Current headline variants like Ryuk, Maze and CryptoWall are more sophisticated and have caused more havoc than earlier strains. Even if your backup procedures allow your business to recover your ransomed files, you can still be hurt by exfiltration, where ransomed documents are made public. Because new variants of ransomware are launched daily, there is no certainty that conventional signature-matching anti-virus tools will detect a new malware. If threat does appear in an email, it is important that your end users have learned to be aware of phishing tricks. Your ultimate defense is a sound process for scheduling and retaining remote backups plus the use of reliable restoration tools.
Contact Progent About the ProSight Ransomware Susceptibility Assessment in Charleston
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Readiness Review can enhance your defense against ransomware in Charleston, phone Progent at 800-462-8800 or visit Contact Progent.