Ransomware has been widely adopted by the major cyber-crime organizations and malicious governments, representing a potentially lethal risk to companies that are breached. Current versions of crypto-ransomware target all vulnerable resources, including backup, making even partial restoration a challenging and costly process. New versions of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Egregor have emerged, displacing WannaCry, Cerber, and Petya in prominence, elaborateness, and destructiveness.
90% of ransomware infections are the result of innocent-seeming emails with malicious hyperlinks or attachments, and many are so-called "zero-day" strains that can escape detection by legacy signature-matching antivirus tools. Although user training and up-front identification are important to protect against ransomware, best practices dictate that you expect that some malware will eventually get through and that you deploy a solid backup mechanism that enables you to repair the damage quickly with minimal losses.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service centered around a remote discussion with a Progent security consultant experienced in ransomware protection and recovery. In the course of this assessment Progent will collaborate directly with your Chatsworth network management staff to gather critical information concerning your cybersecurity setup and backup processes. Progent will utilize this information to generate a Basic Security and Best Practices Assessment detailing how to apply leading practices for configuring and managing your security and backup solution to block or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital issues associated with crypto-ransomware defense and restoration recovery. The report addresses:
- Effective use of administration accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Optimal firewall settings
- Safe RDP access
- Advice about AntiVirus (AV) tools selection and configuration
The remote interview included with the ProSight Ransomware Preparedness Checkup service lasts about one hour for a typical small business network and longer for larger or more complex IT environments. The written report includes suggestions for enhancing your ability to ward off or recover from a ransomware attack and Progent can provide on-demand consulting services to help your business to create a cost-effective cybersecurity/backup solution tailored to your specific needs.
- Split permission model for backup integrity
- Protecting key servers such as AD
- Offsite backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or steals a victim's files so they cannot be used or are made publicly available. Ransomware often locks the victim's computer. To avoid the damage, the target is asked to pay a certain ransom, typically in the form of a crypto currency such as Bitcoin, within a short period of time. It is never certain that paying the ransom will restore the lost files or avoid its exposure to the public. Files can be altered or erased across a network based on the victim's write permissions, and you cannot break the military-grade encryption technologies used on the hostage files. A typical ransomware attack vector is tainted email, whereby the target is tricked into responding to by a social engineering exploit called spear phishing. This makes the email message to appear to come from a familiar source. Another common attack vector is an improperly secured RDP port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the damage attributed to by different versions of ransomware is estimated at billions of dollars annually, more than doubling every two years. Famous attacks include Locky, and NotPetya. Recent high-profile threats like Ryuk, Maze and Spora are more complex and have wreaked more damage than earlier versions. Even if your backup processes permit your business to recover your ransomed data, you can still be hurt by exfiltration, where stolen data are made public. Because new variants of ransomware are launched every day, there is no guarantee that conventional signature-based anti-virus filters will block a new malware. If threat does show up in an email, it is critical that your users have been taught to identify social engineering techniques. Your ultimate defense is a solid scheme for scheduling and keeping offsite backups plus the deployment of dependable restoration tools.
Contact Progent About the ProSight Ransomware Preparedness Review in Chatsworth
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Assessment can enhance your protection against crypto-ransomware in Chatsworth, call Progent at 800-462-8800 or see Contact Progent.