Ransomware has been widely adopted by cyber extortionists and rogue states, posing a possibly lethal threat to companies that are successfully attacked. Modern variations of crypto-ransomware go after all vulnerable resources, including backup, making even partial recovery a complex and expensive process. New strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have emerged, displacing Locky, Cerber, and Petya in notoriety, sophistication, and destructiveness.
90% of crypto-ransomware infections are caused by innocuous-seeming emails with dangerous hyperlinks or file attachments, and many are "zero-day" attacks that elude detection by traditional signature-based antivirus (AV) filters. Although user training and up-front identification are important to protect your network against ransomware, leading practices dictate that you take for granted some attacks will eventually succeed and that you deploy a strong backup solution that allows you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Checkup is a low-cost service built around a remote interview with a Progent cybersecurity expert skilled in ransomware protection and recovery. In the course of this interview Progent will collaborate directly with your Corpus Christi network management staff to collect critical data concerning your cybersecurity posture and backup environment. Progent will utilize this information to produce a Basic Security and Best Practices Assessment documenting how to apply leading practices for configuring and administering your cybersecurity and backup solution to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Report highlights key issues associated with ransomware prevention and restoration recovery. The report covers:
- Effective allocation and use of administration accounts
- Assigning NTFS and SMB authorizations
- Optimal firewall setup
- Safe RDP configuration
- Guidance for AntiVirus filtering identification and configuration
The remote interview for the ProSight Ransomware Preparedness Assessment service lasts about one hour for a typical small business network and longer for bigger or more complex IT environments. The report document contains recommendations for enhancing your ability to ward off or recover from a ransomware assault and Progent offers on-demand expertise to assist your business to design and deploy an efficient security/data backup system tailored to your business requirements.
- Split permission architecture for backup protection
- Protecting critical servers such as AD
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a type of malware that encrypts or deletes a victim's files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To prevent the damage, the victim is asked to send a certain amount of money (the ransom), usually in the form of a crypto currency such as Bitcoin, within a short period of time. It is never certain that paying the extortion price will recover the lost files or prevent its publication. Files can be altered or erased across a network based on the victim's write permissions, and you cannot break the military-grade encryption technologies used on the hostage files. A common ransomware attack vector is spoofed email, in which the victim is lured into responding to by means of a social engineering technique called spear phishing. This causes the email message to look as though it came from a familiar source. Another popular vulnerability is an improperly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is estimated at billions of dollars annually, more than doubling every two years. Famous examples are WannaCry, and Petya. Current high-profile variants like Ryuk, Maze and Cerber are more sophisticated and have wreaked more damage than earlier strains. Even if your backup processes enable you to recover your ransomed data, you can still be threatened by so-called exfiltration, where stolen documents are made public. Because new variants of ransomware crop up daily, there is no certainty that traditional signature-based anti-virus tools will block a new malware. If threat does show up in an email, it is important that your end users have learned to be aware of social engineering techniques. Your last line of protection is a solid process for performing and keeping offsite backups plus the deployment of reliable restoration platforms.
Ask Progent About the ProSight Ransomware Preparedness Audit in Corpus Christi
For pricing information and to find out more about how Progent's ProSight Ransomware Susceptibility Evaluation can enhance your defense against crypto-ransomware in Corpus Christi, call Progent at 800-462-8800 or visit Contact Progent.