Ransomware has been widely adopted by the major cyber-crime organizations and malicious governments, representing a possibly lethal threat to businesses that are successfully attacked. Modern strains of crypto-ransomware target everything, including backup, making even partial restoration a long and expensive exercise. New versions of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Nephilim have made the headlines, replacing WannaCry, Spora, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware penetrations are caused by innocent-seeming emails with dangerous hyperlinks or attachments, and many are so-called "zero-day" strains that can escape detection by legacy signature-matching antivirus (AV) tools. While user education and frontline detection are important to protect against ransomware, best practices demand that you expect that some attacks will eventually get through and that you implement a strong backup solution that permits you to repair the damage rapidly with little if any damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online discussion with a Progent security consultant experienced in ransomware protection and repair. During this interview Progent will cooperate with your Chesapeake IT management staff to collect pertinent data concerning your cybersecurity setup and backup processes. Progent will use this information to create a Basic Security and Best Practices Report documenting how to adhere to best practices for configuring and managing your security and backup solution to prevent or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights vital areas associated with crypto-ransomware defense and restoration recovery. The report addresses:
- Correct use of admin accounts
- Assigning NTFS and SMB authorizations
- Optimal firewall setup
- Secure Remote Desktop Protocol (RDP) configuration
- Recommend AntiVirus tools selection and deployment
The remote interview included with the ProSight Ransomware Preparedness Checkup service lasts about one hour for the average small business network and longer for bigger or more complex IT environments. The report document includes suggestions for improving your ability to ward off or recover from a ransomware incident and Progent offers on-demand consulting services to help you to design and deploy a cost-effective cybersecurity/data backup solution tailored to your business needs.
- Split permission architecture for backup integrity
- Backing up critical servers such as AD
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or steals files so they cannot be used or are made publicly available. Ransomware often locks the victim's computer. To prevent the damage, the target is required to send a certain ransom, usually via a crypto currency such as Bitcoin, within a brief period of time. There is no guarantee that paying the extortion price will recover the damaged files or avoid its exposure to the public. Files can be altered or deleted across a network based on the target's write permissions, and you cannot solve the strong encryption technologies used on the compromised files. A typical ransomware delivery package is tainted email, whereby the victim is tricked into responding to by a social engineering technique known as spear phishing. This causes the email to appear to come from a trusted source. Another common attack vector is a poorly protected RDP port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses caused by different strains of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Famous attacks include Locky, and NotPetya. Recent high-profile variants like Ryuk, Sodinokibi and Cerber are more sophisticated and have wreaked more damage than earlier strains. Even if your backup/recovery procedures permit your business to recover your ransomed files, you can still be hurt by exfiltration, where ransomed documents are exposed to the public (known as "doxxing"). Because new variants of ransomware crop up daily, there is no certainty that traditional signature-based anti-virus filters will detect the latest attack. If threat does appear in an email, it is critical that your users have learned to identify social engineering tricks. Your ultimate defense is a solid process for performing and retaining remote backups plus the use of dependable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Testing in Chesapeake
For pricing information and to find out more about how Progent's ProSight Ransomware Vulnerability Evaluation can enhance your defense against crypto-ransomware in Chesapeake, phone Progent at 800-462-8800 or see Contact Progent.