Ransomware has been widely adopted by cybercriminals and bad-actor states, representing a possibly existential risk to companies that are breached. The latest variations of crypto-ransomware go after all vulnerable resources, including online backup, making even partial recovery a challenging and expensive exercise. New versions of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have emerged, displacing Locky, Spora, and Petya in notoriety, sophistication, and destructiveness.
Most ransomware infections are caused by innocuous-looking emails that include dangerous hyperlinks or file attachments, and a high percentage are "zero-day" variants that can escape detection by legacy signature-based antivirus filters. While user training and up-front detection are critical to protect your network against ransomware attacks, leading practices dictate that you take for granted some attacks will eventually succeed and that you deploy a solid backup solution that permits you to restore files and services rapidly with minimal damage.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service centered around an online interview with a Progent security expert skilled in ransomware defense and repair. During this assessment Progent will cooperate directly with your Corpus Christi network managers to collect pertinent data about your security profile and backup environment. Progent will use this data to create a Basic Security and Best Practices Assessment documenting how to apply best practices for configuring and administering your security and backup solution to block or recover from a ransomware assault.
Progent's Basic Security and Best Practices Report highlights key areas associated with crypto-ransomware defense and restoration recovery. The report covers:
- Correct use of admin accounts
- Appropriate NTFS and SMB (Server Message Block) authorizations
- Optimal firewall settings
- Secure RDP connections
- Guidance for AntiVirus (AV) tools identification and deployment
The online interview process included with the ProSight Ransomware Preparedness Assessment service lasts about one hour for the average small company and longer for larger or more complex environments. The report document contains recommendations for enhancing your ability to block or recover from a ransomware assault and Progent offers on-demand consulting services to help you to design and deploy a cost-effective security/backup system tailored to your business needs.
- Split permission model for backup integrity
- Protecting key servers including Active Directory
- Offsite backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or deletes files so they are unusable or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To prevent the carnage, the victim is required to send a certain ransom, usually via a crypto currency such as Bitcoin, within a brief period of time. It is never certain that delivering the ransom will restore the lost files or avoid its exposure to the public. Files can be encrypted or deleted throughout a network depending on the target's write permissions, and you cannot break the strong encryption algorithms used on the hostage files. A typical ransomware attack vector is spoofed email, whereby the user is lured into interacting with by means of a social engineering technique called spear phishing. This makes the email to look as though it came from a familiar source. Another common vulnerability is an improperly protected RDP port.
CryptoLocker ushered in the modern era of ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is estimated at billions of dollars per year, more than doubling every two years. Notorious attacks are Locky, and Petya. Current high-profile threats like Ryuk, Maze and Cerber are more elaborate and have wreaked more havoc than older versions. Even if your backup procedures permit you to recover your ransomed data, you can still be threatened by so-called exfiltration, where ransomed data are made public. Because additional variants of ransomware crop up every day, there is no certainty that conventional signature-matching anti-virus tools will block the latest attack. If an attack does appear in an email, it is critical that your end users have learned to be aware of social engineering techniques. Your ultimate protection is a sound process for scheduling and retaining remote backups and the use of dependable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Readiness Review in Corpus Christi
For pricing details and to find out more about how Progent's ProSight Ransomware Vulnerability Evaluation can enhance your protection against ransomware in Corpus Christi, phone Progent at 800-462-8800 or see Contact Progent.