Ransomware has been widely adopted by cyber extortionists and bad-actor governments, posing a potentially lethal risk to businesses that are successfully attacked. The latest versions of crypto-ransomware go after everything, including online backup, making even selective restoration a long and costly process. Novel strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Egregor have emerged, replacing WannaCry, TeslaCrypt, and CryptoWall in prominence, sophistication, and destructive impact.
90% of ransomware infections are caused by innocuous-looking emails that include dangerous links or attachments, and a high percentage are "zero-day" attacks that can escape detection by traditional signature-based antivirus tools. Although user education and up-front identification are important to defend your network against ransomware attacks, leading practices demand that you assume some malware will inevitably get through and that you put in place a strong backup mechanism that allows you to restore files and services quickly with little if any damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service built around a remote discussion with a Progent cybersecurity consultant experienced in ransomware protection and recovery. In the course of this interview Progent will cooperate directly with your Chattanooga network managers to collect critical information about your security posture and backup processes. Progent will use this data to produce a Basic Security and Best Practices Report documenting how to follow leading practices for configuring and administering your security and backup solution to block or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital areas associated with ransomware prevention and restoration recovery. The review addresses:
- Correct use of admin accounts
- Assigning NTFS and SMB permissions
- Proper firewall configuration
- Secure Remote Desktop Protocol (RDP) connections
- Advice about AntiVirus tools selection and configuration
The remote interview for the ProSight Ransomware Vulnerability Assessment service lasts about one hour for a typical small business network and longer for bigger or more complex environments. The report document features recommendations for enhancing your ability to ward off or recover from a ransomware assault and Progent offers on-demand consulting services to assist you and your IT staff to design and deploy a cost-effective security/backup system tailored to your specific needs.
- Split permission model for backup protection
- Protecting key servers including Active Directory
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or deletes files so they cannot be used or are publicized. Ransomware sometimes locks the victim's computer. To avoid the damage, the target is asked to pay a specified ransom, typically via a crypto currency such as Bitcoin, within a brief period of time. There is no guarantee that paying the ransom will restore the lost data or avoid its publication. Files can be altered or erased throughout a network based on the victim's write permissions, and you cannot solve the military-grade encryption algorithms used on the compromised files. A typical ransomware attack vector is tainted email, whereby the target is lured into interacting with by means of a social engineering exploit known as spear phishing. This causes the email message to look as though it came from a familiar sender. Another popular attack vector is an improperly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses attributed to by different strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Famous examples are Locky, and Petya. Recent high-profile threats like Ryuk, Sodinokibi and CryptoWall are more sophisticated and have caused more havoc than older versions. Even if your backup/recovery processes enable your business to recover your encrypted files, you can still be threatened by so-called exfiltration, where stolen documents are made public. Because additional versions of ransomware crop up every day, there is no guarantee that conventional signature-matching anti-virus filters will detect a new malware. If threat does appear in an email, it is critical that your end users have learned to be aware of social engineering techniques. Your ultimate defense is a sound process for performing and retaining remote backups and the deployment of reliable recovery tools.
Ask Progent About the ProSight Ransomware Susceptibility Review in Chattanooga
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Evaluation can enhance your defense against crypto-ransomware in Chattanooga, phone Progent at 800-462-8800 or visit Contact Progent.