Ransomware has been widely adopted by cybercriminals and bad-actor states, representing a possibly lethal risk to businesses that are successfully attacked. The latest variations of ransomware target all vulnerable resources, including backup, making even partial restoration a challenging and expensive exercise. Novel versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Nephilim have made the headlines, displacing WannaCry, Cerber, and NotPetya in notoriety, elaborateness, and destructive impact.
Most crypto-ransomware infections come from innocuous-seeming emails that include malicious links or attachments, and many are "zero-day" variants that elude detection by traditional signature-matching antivirus filters. Although user education and frontline detection are critical to protect your network against ransomware attacks, best practices demand that you expect that some malware will inevitably succeed and that you implement a strong backup solution that enables you to repair the damage quickly with little if any damage.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service centered around an online discussion with a Progent cybersecurity expert experienced in ransomware protection and repair. During this assessment Progent will cooperate directly with your Cleveland IT management staff to gather pertinent information about your security setup and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Assessment documenting how to apply best practices for configuring and administering your security and backup solution to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Report focuses on vital issues related to crypto-ransomware prevention and restoration recovery. The review covers:
- Effective use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Proper firewall settings
- Secure Remote Desktop Protocol connections
- Recommend AntiVirus (AV) filtering selection and deployment
The online interview for the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex IT environments. The report document contains recommendations for improving your ability to ward off or clean up after a ransomware attack and Progent can provide on-demand consulting services to assist you to create an efficient cybersecurity/data backup solution tailored to your business needs.
- Split permission architecture for backup protection
- Protecting required servers such as Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes a victim's files so they cannot be used or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the carnage, the target is required to send a specified ransom, typically via a crypto currency such as Bitcoin, within a brief time window. There is no guarantee that delivering the ransom will recover the damaged files or avoid its publication. Files can be altered or erased across a network depending on the victim's write permissions, and you cannot solve the strong encryption algorithms used on the hostage files. A common ransomware attack vector is booby-trapped email, whereby the victim is tricked into responding to by a social engineering exploit called spear phishing. This makes the email to appear to come from a trusted source. Another common attack vector is an improperly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses caused by the many versions of ransomware is said to be billions of dollars per year, roughly doubling every two years. Famous examples include WannaCry, and Petya. Current headline threats like Ryuk, DoppelPaymer and Cerber are more sophisticated and have wreaked more havoc than older versions. Even if your backup procedures enable you to restore your ransomed files, you can still be threatened by so-called exfiltration, where ransomed documents are made public (known as "doxxing"). Because additional variants of ransomware are launched daily, there is no guarantee that traditional signature-matching anti-virus tools will block a new attack. If threat does show up in an email, it is important that your users have learned to identify phishing tricks. Your ultimate protection is a solid scheme for scheduling and keeping remote backups and the deployment of dependable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Consultation in Cleveland
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Susceptibility Review can enhance your protection against ransomware in Cleveland, call Progent at 800-462-8800 or see Contact Progent.