Ransomware has become the weapon of choice for the major cyber-crime organizations and bad-actor states, representing a potentially lethal risk to companies that are victimized. Modern variations of ransomware go after all vulnerable resources, including backup, making even selective recovery a challenging and expensive process. New versions of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Conti and Nephilim have emerged, replacing WannaCry, Cerber, and CryptoWall in notoriety, elaborateness, and destructive impact.
90% of ransomware breaches are the result of innocuous-looking emails that have dangerous links or file attachments, and a high percentage are "zero-day" attacks that can escape the defenses of legacy signature-matching antivirus filters. While user training and up-front detection are critical to protect your network against ransomware attacks, best practices demand that you take for granted some attacks will eventually get through and that you prepare a solid backup solution that permits you to repair the damage rapidly with little if any damage.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around a remote discussion with a Progent security expert experienced in ransomware defense and recovery. In the course of this assessment Progent will work with your Chatsworth IT management staff to collect pertinent data about your security profile and backup processes. Progent will utilize this data to create a Basic Security and Best Practices Assessment documenting how to follow best practices for configuring and managing your security and backup solution to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Report focuses on vital issues associated with crypto-ransomware prevention and restoration recovery. The report addresses:
- Correct allocation and use of administration accounts
- Assigning NTFS and SMB (Server Message Block) permissions
- Optimal firewall configuration
- Safe RDP configuration
- Recommend AntiVirus tools selection and configuration
The online interview process for the ProSight Ransomware Preparedness Report service lasts about one hour for the average small company and longer for bigger or more complex IT environments. The report document contains recommendations for improving your ability to block or recover from a ransomware incident and Progent offers as-needed expertise to help you and your IT staff to create an efficient security/data backup solution customized for your specific requirements.
- Split permission model for backup protection
- Backing up critical servers such as AD
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes files so they are unusable or are publicized. Ransomware often locks the victim's computer. To prevent the carnage, the victim is asked to send a certain ransom, usually via a crypto currency such as Bitcoin, within a brief period of time. It is never certain that delivering the ransom will recover the damaged files or prevent its exposure to the public. Files can be encrypted or deleted throughout a network based on the victim's write permissions, and you cannot reverse engineer the strong encryption algorithms used on the hostage files. A common ransomware attack vector is booby-trapped email, whereby the user is tricked into responding to by a social engineering exploit called spear phishing. This causes the email message to look as though it came from a trusted sender. Another common vulnerability is an improperly protected Remote Desktop Protocol port.
CryptoLocker opened the modern era of crypto-ransomware in 2013, and the damage caused by different strains of ransomware is said to be billions of dollars per year, more than doubling every other year. Notorious examples are Locky, and Petya. Current headline threats like Ryuk, Sodinokibi and Spora are more elaborate and have caused more damage than older strains. Even if your backup procedures permit you to recover your encrypted data, you can still be hurt by exfiltration, where stolen documents are exposed to the public. Because additional variants of ransomware crop up every day, there is no guarantee that traditional signature-matching anti-virus tools will detect a new malware. If an attack does show up in an email, it is critical that your end users have learned to be aware of phishing tricks. Your ultimate protection is a sound process for performing and retaining remote backups and the use of reliable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Checkup in Chatsworth
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Susceptibility Assessment can bolster your protection against ransomware in Chatsworth, phone Progent at 800-993-9400 or visit Contact Progent.