Ransomware has become the weapon of choice for cybercriminals and rogue governments, posing a possibly lethal risk to businesses that fall victim. The latest versions of crypto-ransomware go after everything, including online backup, making even partial restoration a challenging and costly exercise. Novel strains of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have emerged, displacing Locky, Spora, and CryptoWall in notoriety, sophistication, and destructive impact.
Most ransomware penetrations are caused by innocent-looking emails that have dangerous links or file attachments, and a high percentage are "zero-day" attacks that elude detection by traditional signature-matching antivirus (AV) tools. Although user education and frontline detection are important to protect your network against ransomware, leading practices dictate that you take for granted some malware will inevitably get through and that you prepare a strong backup mechanism that permits you to restore files and services quickly with little if any losses.
Progent's ProSight Ransomware Preparedness Assessment is an ultra-affordable service built around an online interview with a Progent cybersecurity consultant experienced in ransomware defense and recovery. In the course of this assessment Progent will cooperate directly with your Columbus network managers to collect pertinent data concerning your security configuration and backup environment. Progent will use this information to create a Basic Security and Best Practices Report detailing how to follow leading practices for implementing and administering your security and backup solution to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Report highlights vital areas associated with ransomware defense and restoration recovery. The review addresses:
- Correct allocation and use of administration accounts
- Appropriate NTFS and SMB authorizations
- Proper firewall settings
- Safe RDP connections
- Recommend AntiVirus tools selection and deployment
The online interview process included with the ProSight Ransomware Vulnerability Assessment service takes about an hour for a typical small business and requires more time for bigger or more complex IT environments. The written report features recommendations for improving your ability to block or clean up after a ransomware attack and Progent can provide on-demand consulting services to assist you to design and deploy a cost-effective cybersecurity/backup system customized for your business requirements.
- Split permission model for backup protection
- Protecting critical servers such as Active Directory
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes a victim's files so they cannot be used or are publicized. Crypto-ransomware sometimes locks the victim's computer. To avoid the damage, the target is required to pay a specified amount of money, usually in the form of a crypto currency like Bitcoin, within a short period of time. There is no guarantee that delivering the extortion price will restore the damaged data or prevent its exposure to the public. Files can be altered or erased throughout a network depending on the victim's write permissions, and you cannot break the military-grade encryption algorithms used on the compromised files. A common ransomware attack vector is booby-trapped email, in which the target is tricked into responding to by means of a social engineering exploit called spear phishing. This causes the email message to appear to come from a familiar source. Another common attack vector is a poorly secured RDP port.
CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by the many versions of ransomware is said to be billions of dollars per year, more than doubling every other year. Notorious attacks are WannaCry, and Petya. Recent headline threats like Ryuk, DoppelPaymer and TeslaCrypt are more sophisticated and have wreaked more havoc than earlier strains. Even if your backup processes allow your business to recover your encrypted data, you can still be hurt by exfiltration, where stolen documents are made public. Because new versions of ransomware crop up daily, there is no guarantee that traditional signature-based anti-virus filters will detect the latest attack. If an attack does show up in an email, it is important that your users have been taught to identify phishing techniques. Your ultimate protection is a solid process for performing and retaining offsite backups plus the deployment of reliable recovery tools.
Ask Progent About the ProSight Ransomware Preparedness Checkup in Columbus
For pricing information and to find out more about how Progent's ProSight Ransomware Susceptibility Checkup can bolster your defense against crypto-ransomware in Columbus, call Progent at 800-993-9400 or visit Contact Progent.