Ransomware has been weaponized by the major cyber-crime organizations and rogue governments, posing a possibly existential threat to companies that are successfully attacked. Current strains of crypto-ransomware go after everything, including backup, making even partial restoration a long and costly exercise. Novel variations of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, LockBit and Nephilim have made the headlines, displacing WannaCry, Spora, and CryptoWall in prominence, sophistication, and destructiveness.
90% of crypto-ransomware penetrations are the result of innocent-looking emails with malicious hyperlinks or file attachments, and a high percentage are so-called "zero-day" variants that elude detection by legacy signature-matching antivirus tools. Although user education and up-front detection are critical to defend your network against ransomware attacks, best practices demand that you expect that some malware will inevitably succeed and that you prepare a strong backup mechanism that enables you to repair the damage quickly with little if any losses.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around a remote interview with a Progent cybersecurity expert skilled in ransomware protection and recovery. In the course of this interview Progent will cooperate with your Colorado Springs IT managers to collect pertinent information concerning your cybersecurity configuration and backup processes. Progent will use this data to create a Basic Security and Best Practices Assessment detailing how to adhere to best practices for implementing and administering your security and backup solution to block or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key issues related to ransomware defense and restoration recovery. The review covers:
- Proper use of admin accounts
- Correct NTFS and SMB permissions
- Optimal firewall configuration
- Safe RDP connections
- Recommend AntiVirus tools identification and deployment
The remote interview process included with the ProSight Ransomware Preparedness Report service lasts about an hour for the average small business network and requires more time for larger or more complicated IT environments. The written report features suggestions for improving your ability to block or clean up after a ransomware incident and Progent can provide on-demand expertise to help you to design and deploy an efficient security/data backup system customized for your business needs.
- Split permission architecture for backup integrity
- Backing up critical servers including Active Directory
- Offsite backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or steals a victim's files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To avoid the carnage, the victim is required to send a specified amount of money (the ransom), typically via a crypto currency such as Bitcoin, within a brief time window. It is never certain that delivering the ransom will restore the damaged data or prevent its publication. Files can be altered or erased across a network depending on the target's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the hostage files. A typical ransomware attack vector is tainted email, whereby the target is tricked into interacting with by a social engineering exploit called spear phishing. This makes the email to appear to come from a familiar sender. Another popular vulnerability is an improperly secured Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the modern era of ransomware in 2013, and the damage attributed to by different strains of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Notorious examples are Locky, and NotPetya. Current high-profile variants like Ryuk, Sodinokibi and Cerber are more complex and have wreaked more havoc than older strains. Even if your backup/recovery processes allow your business to restore your encrypted data, you can still be hurt by exfiltration, where stolen data are made public. Because new variants of ransomware crop up every day, there is no certainty that traditional signature-based anti-virus tools will block a new attack. If threat does show up in an email, it is important that your users have been taught to identify social engineering tricks. Your ultimate defense is a solid scheme for performing and retaining offsite backups and the deployment of dependable restoration platforms.
Contact Progent About the ProSight Ransomware Susceptibility Review in Colorado Springs
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Testing can enhance your defense against ransomware in Colorado Springs, call Progent at 800-462-8800 or see Contact Progent.