Ransomware has become the weapon of choice for the major cyber-crime organizations and rogue governments, posing a possibly existential threat to companies that are victimized. The latest versions of ransomware target everything, including backup, making even partial recovery a challenging and expensive process. Novel versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Lockbit and Egregor have made the headlines, displacing Locky, Cerber, and Petya in prominence, elaborateness, and destructive impact.
90% of crypto-ransomware breaches come from innocuous-seeming emails that include dangerous hyperlinks or attachments, and many are so-called "zero-day" variants that can escape detection by legacy signature-matching antivirus filters. While user training and frontline detection are critical to defend against ransomware attacks, leading practices dictate that you take for granted some malware will inevitably get through and that you deploy a solid backup mechanism that allows you to recover rapidly with minimal damage.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service centered around an online discussion with a Progent cybersecurity expert skilled in ransomware defense and recovery. During this interview Progent will work directly with your Charlotte IT management staff to collect critical information about your security configuration and backup environment. Progent will use this information to produce a Basic Security and Best Practices Assessment detailing how to apply best practices for implementing and administering your cybersecurity and backup systems to prevent or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key issues associated with crypto-ransomware defense and restoration recovery. The review addresses:
- Effective use of admin accounts
- Correct NTFS (New Technology File System) and SMB authorizations
- Optimal firewall settings
- Safe Remote Desktop Protocol (RDP) connections
- Recommend AntiVirus (AV) filtering selection and configuration
The online interview process included with the ProSight Ransomware Preparedness Checkup service takes about an hour for the average small business and requires more time for bigger or more complex environments. The written report contains suggestions for enhancing your ability to ward off or clean up after a ransomware incident and Progent offers as-needed expertise to help your business to create a cost-effective security/backup system tailored to your business requirements.
- Split permission model for backup integrity
- Protecting key servers including AD
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they are unusable or are made publicly available. Crypto-ransomware sometimes locks the victim's computer. To prevent the carnage, the victim is asked to send a certain amount of money, usually via a crypto currency like Bitcoin, within a short period of time. It is never certain that paying the extortion price will restore the lost data or avoid its publication. Files can be encrypted or deleted across a network depending on the victim's write permissions, and you cannot break the strong encryption technologies used on the hostage files. A common ransomware delivery package is spoofed email, in which the victim is lured into responding to by means of a social engineering exploit called spear phishing. This makes the email to look as though it came from a trusted source. Another popular attack vector is an improperly protected RDP port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the damage attributed to by the many versions of ransomware is said to be billions of dollars per year, more than doubling every other year. Notorious attacks are WannaCry, and Petya. Recent high-profile threats like Ryuk, Maze and CryptoWall are more complex and have caused more damage than older versions. Even if your backup/recovery processes permit your business to recover your encrypted files, you can still be hurt by exfiltration, where stolen documents are made public. Because additional versions of ransomware crop up every day, there is no certainty that conventional signature-based anti-virus tools will detect a new malware. If an attack does appear in an email, it is important that your end users have been taught to identify phishing tricks. Your ultimate defense is a sound scheme for scheduling and keeping remote backups plus the use of dependable restoration platforms.
Ask Progent About the ProSight Ransomware Vulnerability Evaluation in Charlotte
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Consultation can enhance your protection against ransomware in Charlotte, phone Progent at 800-993-9400 or see Contact Progent.