Ransomware has been widely adopted by the major cyber-crime organizations and bad-actor states, posing a possibly lethal risk to businesses that are breached. Current versions of ransomware target everything, including online backup, making even selective restoration a complex and costly exercise. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Nephilim have emerged, displacing WannaCry, Cerber, and Petya in notoriety, elaborateness, and destructiveness.
90% of crypto-ransomware breaches come from innocent-seeming emails with dangerous links or file attachments, and many are "zero-day" variants that can escape detection by traditional signature-matching antivirus tools. Although user training and up-front detection are important to defend your network against ransomware, best practices demand that you assume some attacks will eventually get through and that you implement a strong backup solution that enables you to repair the damage quickly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around an online discussion with a Progent security expert skilled in ransomware protection and recovery. In the course of this interview Progent will cooperate with your Colorado Springs IT managers to gather pertinent information about your security profile and backup processes. Progent will use this data to generate a Basic Security and Best Practices Report detailing how to follow leading practices for implementing and managing your cybersecurity and backup solution to block or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report highlights key issues related to ransomware defense and restoration recovery. The review addresses:
- Proper allocation and use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Proper firewall setup
- Safe RDP configuration
- Guidance for AntiVirus filtering selection and configuration
The online interview included with the ProSight Ransomware Vulnerability Report service lasts about one hour for the average small company and longer for larger or more complex IT environments. The report document contains suggestions for enhancing your ability to ward off or recover from a ransomware incident and Progent offers as-needed consulting services to assist you and your IT staff to design and deploy an efficient cybersecurity/data backup solution tailored to your specific requirements.
- Split permission model for backup protection
- Protecting required servers including Active Directory
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a form of malware that encrypts or steals files so they are unusable or are publicized. Ransomware often locks the target's computer. To avoid the carnage, the target is asked to send a specified amount of money, usually in the form of a crypto currency like Bitcoin, within a brief time window. It is not guaranteed that paying the ransom will recover the damaged files or avoid its publication. Files can be altered or deleted throughout a network depending on the target's write permissions, and you cannot reverse engineer the strong encryption algorithms used on the hostage files. A common ransomware attack vector is booby-trapped email, in which the target is tricked into interacting with by a social engineering technique called spear phishing. This makes the email message to look as though it came from a familiar sender. Another popular attack vector is a poorly secured Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the monetary losses caused by the many strains of ransomware is estimated at billions of dollars per year, more than doubling every two years. Notorious attacks include WannaCry, and Petya. Current high-profile variants like Ryuk, Sodinokibi and Spora are more elaborate and have caused more damage than earlier versions. Even if your backup/recovery processes allow your business to restore your ransomed files, you can still be hurt by so-called exfiltration, where stolen data are exposed to the public. Because new versions of ransomware are launched every day, there is no guarantee that conventional signature-based anti-virus filters will block the latest malware. If threat does show up in an email, it is critical that your end users have been taught to identify social engineering tricks. Your ultimate protection is a sound scheme for performing and retaining remote backups plus the deployment of dependable restoration platforms.
Contact Progent About the ProSight Ransomware Vulnerability Report in Colorado Springs
For pricing information and to learn more about how Progent's ProSight Ransomware Vulnerability Review can bolster your defense against ransomware in Colorado Springs, call Progent at 800-462-8800 or visit Contact Progent.