Ransomware has become the weapon of choice for cyber extortionists and rogue states, posing a possibly lethal threat to companies that are victimized. The latest variations of crypto-ransomware go after everything, including backup, making even partial restoration a complex and expensive process. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Conti and Nephilim have made the headlines, displacing Locky, Spora, and CryptoWall in notoriety, elaborateness, and destructiveness.
90% of ransomware penetrations come from innocent-looking emails with dangerous links or attachments, and a high percentage are "zero-day" variants that elude detection by traditional signature-based antivirus tools. Although user education and frontline detection are critical to protect your network against ransomware, leading practices dictate that you assume some attacks will eventually get through and that you implement a solid backup mechanism that allows you to repair the damage rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service centered around a remote interview with a Progent security expert skilled in ransomware defense and repair. During this assessment Progent will work with your Chesapeake network management staff to gather critical data concerning your security setup and backup processes. Progent will utilize this data to create a Basic Security and Best Practices Assessment detailing how to adhere to best practices for configuring and managing your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights vital issues associated with crypto-ransomware defense and restoration recovery. The review covers:
- Effective use of administration accounts
- Correct NTFS (New Technology File System) and SMB permissions
- Proper firewall settings
- Safe RDP access
- Advice about AntiVirus tools selection and deployment
The remote interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small company and requires more time for larger or more complex IT environments. The written report includes recommendations for enhancing your ability to block or clean up after a ransomware incident and Progent offers as-needed consulting services to assist you to create an efficient cybersecurity/backup solution customized for your business needs.
- Split permission architecture for backup protection
- Protecting required servers including AD
- Offsite backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or deletes a victim's files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To prevent the carnage, the target is required to pay a certain amount of money (the ransom), usually via a crypto currency like Bitcoin, within a short time window. There is no guarantee that delivering the extortion price will restore the lost data or prevent its exposure to the public. Files can be altered or deleted throughout a network depending on the victim's write permissions, and you cannot break the strong encryption technologies used on the compromised files. A typical ransomware delivery package is tainted email, in which the victim is lured into responding to by means of a social engineering technique known as spear phishing. This causes the email message to look as though it came from a familiar sender. Another common attack vector is an improperly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses attributed to by the many versions of ransomware is estimated at billions of dollars per year, more than doubling every two years. Famous attacks include Locky, and Petya. Recent high-profile threats like Ryuk, Maze and TeslaCrypt are more sophisticated and have caused more havoc than earlier versions. Even if your backup/recovery procedures permit your business to recover your encrypted data, you can still be hurt by so-called exfiltration, where stolen documents are made public. Because additional variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anti-virus tools will block a new attack. If threat does appear in an email, it is critical that your users have learned to identify social engineering techniques. Your ultimate protection is a solid scheme for performing and retaining remote backups plus the deployment of dependable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Preparedness Audit in Chesapeake
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Readiness Testing can bolster your protection against ransomware in Chesapeake, phone Progent at 800-993-9400 or see Contact Progent.