Ransomware has been weaponized by cybercriminals and bad-actor governments, posing a possibly existential risk to companies that fall victim. Modern strains of ransomware target all vulnerable resources, including online backup, making even partial recovery a long and costly exercise. New variations of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Lockbit and Egregor have emerged, replacing WannaCry, Cerber, and NotPetya in notoriety, sophistication, and destructive impact.
90% of ransomware breaches are caused by innocuous-seeming emails with dangerous links or attachments, and many are so-called "zero-day" attacks that elude the defenses of traditional signature-based antivirus filters. While user education and up-front identification are important to defend your network against ransomware, best practices dictate that you take for granted some malware will eventually succeed and that you implement a solid backup mechanism that enables you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service built around a remote discussion with a Progent cybersecurity consultant experienced in ransomware defense and recovery. In the course of this assessment Progent will cooperate with your Chesapeake network managers to collect critical data about your security configuration and backup processes. Progent will utilize this data to produce a Basic Security and Best Practices Assessment documenting how to follow leading practices for implementing and managing your security and backup solution to prevent or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital areas associated with ransomware defense and restoration recovery. The report covers:
- Effective allocation and use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Proper firewall settings
- Safe RDP connections
- Recommend AntiVirus (AV) filtering identification and configuration
The online interview process included with the ProSight Ransomware Vulnerability Checkup service takes about one hour for the average small company and requires more time for bigger or more complex environments. The written report features suggestions for enhancing your ability to ward off or recover from a ransomware assault and Progent offers as-needed expertise to assist you and your IT staff to design and deploy an efficient cybersecurity/data backup system tailored to your business needs.
- Split permission architecture for backup protection
- Protecting key servers such as Active Directory
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or steals files so they cannot be used or are made publicly available. Ransomware sometimes locks the victim's computer. To prevent the carnage, the target is asked to send a certain amount of money, usually in the form of a crypto currency like Bitcoin, within a brief time window. It is not guaranteed that delivering the extortion price will recover the lost files or prevent its exposure to the public. Files can be altered or deleted throughout a network depending on the victim's write permissions, and you cannot break the military-grade encryption algorithms used on the hostage files. A typical ransomware delivery package is tainted email, whereby the target is tricked into responding to by means of a social engineering technique known as spear phishing. This makes the email to appear to come from a trusted source. Another popular vulnerability is a poorly secured Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by the many strains of ransomware is estimated at billions of dollars annually, more than doubling every other year. Notorious examples are Locky, and Petya. Recent high-profile variants like Ryuk, Sodinokibi and Spora are more complex and have caused more havoc than older versions. Even if your backup/recovery procedures allow your business to recover your ransomed data, you can still be hurt by so-called exfiltration, where ransomed data are made public. Because new variants of ransomware crop up every day, there is no certainty that conventional signature-based anti-virus tools will detect a new attack. If an attack does appear in an email, it is important that your users have been taught to identify social engineering tricks. Your last line of protection is a solid process for scheduling and retaining offsite backups plus the deployment of dependable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Consultation in Chesapeake
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Assessment can bolster your defense against ransomware in Chesapeake, phone Progent at 800-462-8800 or see Contact Progent.