Ransomware has been weaponized by cyber extortionists and malicious governments, posing a potentially lethal threat to companies that are victimized. The latest strains of crypto-ransomware target all vulnerable resources, including online backup, making even selective restoration a long and expensive exercise. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have emerged, replacing WannaCry, Spora, and NotPetya in notoriety, sophistication, and destructiveness.
90% of ransomware breaches come from innocuous-looking emails that have dangerous hyperlinks or file attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus filters. While user education and up-front identification are important to protect against ransomware attacks, leading practices dictate that you expect that some malware will inevitably get through and that you prepare a solid backup solution that enables you to recover quickly with little if any losses.
Progent's ProSight Ransomware Preparedness Report is a low-cost service built around a remote interview with a Progent security expert skilled in ransomware defense and recovery. In the course of this assessment Progent will work directly with your Chatsworth network managers to gather critical data concerning your security profile and backup processes. Progent will utilize this information to produce a Basic Security and Best Practices Assessment documenting how to follow leading practices for configuring and administering your cybersecurity and backup solution to block or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights vital issues related to crypto-ransomware defense and restoration recovery. The report covers:
- Proper use of administration accounts
- Assigning NTFS (New Technology File System) and SMB permissions
- Optimal firewall configuration
- Secure Remote Desktop Protocol access
- Guidance for AntiVirus (AV) filtering identification and deployment
The online interview process included with the ProSight Ransomware Preparedness Report service lasts about one hour for a typical small company and longer for larger or more complex IT environments. The report document includes suggestions for improving your ability to ward off or recover from a ransomware assault and Progent can provide as-needed consulting services to assist you and your IT staff to design and deploy an efficient cybersecurity/backup solution customized for your specific requirements.
- Split permission architecture for backup integrity
- Protecting key servers including Active Directory
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or steals a victim's files so they cannot be used or are made publicly available. Crypto-ransomware often locks the victim's computer. To avoid the damage, the victim is required to send a specified ransom, typically in the form of a crypto currency like Bitcoin, within a short time window. It is never certain that delivering the ransom will recover the lost files or prevent its publication. Files can be altered or erased across a network based on the target's write permissions, and you cannot solve the military-grade encryption technologies used on the compromised files. A common ransomware attack vector is spoofed email, in which the victim is lured into interacting with by a social engineering technique known as spear phishing. This causes the email to look as though it came from a trusted source. Another common vulnerability is a poorly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the monetary losses caused by the many strains of ransomware is estimated at billions of dollars per year, more than doubling every other year. Notorious examples are WannaCry, and Petya. Current high-profile threats like Ryuk, Maze and CryptoWall are more sophisticated and have wreaked more havoc than earlier versions. Even if your backup procedures permit you to restore your encrypted data, you can still be hurt by exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because new versions of ransomware are launched daily, there is no certainty that conventional signature-matching anti-virus tools will block the latest malware. If threat does show up in an email, it is important that your end users have learned to identify social engineering tricks. Your ultimate defense is a sound process for scheduling and keeping offsite backups and the deployment of dependable restoration platforms.
Ask Progent About the ProSight Ransomware Preparedness Report in Chatsworth
For pricing details and to find out more about how Progent's ProSight Ransomware Preparedness Consultation can bolster your protection against crypto-ransomware in Chatsworth, phone Progent at 800-462-8800 or visit Contact Progent.