Ransomware has been weaponized by cyber extortionists and rogue governments, posing a possibly lethal risk to companies that fall victim. Modern versions of ransomware go after all vulnerable resources, including online backup, making even selective recovery a challenging and costly exercise. New versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, LockBit and Nephilim have made the headlines, displacing Locky, TeslaCrypt, and Petya in prominence, elaborateness, and destructiveness.
90% of crypto-ransomware breaches are caused by innocent-looking emails that have dangerous hyperlinks or file attachments, and a high percentage are "zero-day" attacks that elude the defenses of traditional signature-based antivirus (AV) tools. While user education and up-front detection are critical to protect your network against ransomware, best practices dictate that you take for granted some attacks will inevitably succeed and that you put in place a strong backup solution that permits you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service built around an online interview with a Progent security expert skilled in ransomware defense and repair. In the course of this assessment Progent will work with your Cheyenne IT managers to gather critical data concerning your cybersecurity posture and backup processes. Progent will utilize this data to create a Basic Security and Best Practices Assessment documenting how to adhere to best practices for implementing and administering your cybersecurity and backup systems to block or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report highlights vital areas associated with ransomware defense and restoration recovery. The review addresses:
- Proper allocation and use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Proper firewall setup
- Secure Remote Desktop Protocol access
- Advice about AntiVirus tools selection and deployment
The online interview for the ProSight Ransomware Preparedness Assessment service lasts about one hour for a typical small company and requires more time for larger or more complex environments. The written report includes suggestions for enhancing your ability to block or clean up after a ransomware incident and Progent offers as-needed expertise to help your business to create a cost-effective security/data backup system customized for your specific requirements.
- Split permission model for backup protection
- Protecting critical servers such as Active Directory
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or steals a victim's files so they cannot be used or are publicized. Crypto-ransomware sometimes locks the victim's computer. To prevent the damage, the victim is asked to send a specified amount of money (the ransom), usually in the form of a crypto currency like Bitcoin, within a brief time window. It is never certain that paying the extortion price will restore the damaged files or prevent its publication. Files can be encrypted or erased across a network based on the target's write permissions, and you cannot break the military-grade encryption technologies used on the hostage files. A typical ransomware attack vector is tainted email, whereby the victim is lured into interacting with by a social engineering technique known as spear phishing. This makes the email to look as though it came from a trusted source. Another common vulnerability is a poorly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the modern era of crypto-ransomware in 2013, and the monetary losses caused by the many strains of ransomware is said to be billions of dollars annually, roughly doubling every other year. Famous examples are WannaCry, and Petya. Current high-profile variants like Ryuk, Maze and Spora are more sophisticated and have wreaked more havoc than earlier strains. Even if your backup/recovery procedures enable your business to recover your encrypted data, you can still be hurt by so-called exfiltration, where ransomed documents are exposed to the public (known as "doxxing"). Because additional versions of ransomware crop up every day, there is no certainty that traditional signature-based anti-virus filters will block a new attack. If threat does appear in an email, it is critical that your users have been taught to identify phishing techniques. Your ultimate protection is a sound scheme for scheduling and keeping remote backups plus the use of dependable restoration platforms.
Contact Progent About the ProSight Crypto-Ransomware Vulnerability Evaluation in Cheyenne
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Evaluation can bolster your protection against ransomware in Cheyenne, phone Progent at 800-462-8800 or visit Contact Progent.