Ransomware has become the weapon of choice for cyber extortionists and rogue states, representing a potentially lethal threat to businesses that fall victim. Modern versions of crypto-ransomware go after all vulnerable resources, including backup, making even selective restoration a long and expensive process. Novel versions of ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Nephilim have emerged, replacing WannaCry, TeslaCrypt, and NotPetya in prominence, elaborateness, and destructiveness.
90% of ransomware penetrations are caused by innocent-seeming emails that have dangerous hyperlinks or attachments, and many are so-called "zero-day" strains that can escape the defenses of traditional signature-matching antivirus (AV) filters. While user education and up-front identification are critical to protect your network against ransomware attacks, leading practices demand that you take for granted some attacks will inevitably succeed and that you implement a strong backup mechanism that permits you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service centered around a remote interview with a Progent security consultant experienced in ransomware defense and repair. During this interview Progent will cooperate directly with your Corpus Christi IT managers to collect critical information about your security profile and backup processes. Progent will utilize this data to produce a Basic Security and Best Practices Report detailing how to adhere to best practices for implementing and managing your security and backup systems to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital issues related to crypto-ransomware defense and restoration recovery. The review addresses:
- Effective allocation and use of admin accounts
- Assigning NTFS and SMB authorizations
- Optimal firewall configuration
- Secure Remote Desktop Protocol (RDP) access
- Recommend AntiVirus filtering identification and configuration
The online interview process included with the ProSight Ransomware Preparedness Report service lasts about one hour for the average small company and requires more time for larger or more complicated environments. The report document contains suggestions for enhancing your ability to ward off or recover from a ransomware attack and Progent offers on-demand expertise to help your business to create a cost-effective security/data backup solution customized for your business requirements.
- Split permission model for backup protection
- Protecting critical servers including AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To avoid the carnage, the target is required to pay a specified amount of money, usually via a crypto currency such as Bitcoin, within a brief period of time. It is not guaranteed that delivering the ransom will recover the damaged files or avoid its publication. Files can be altered or erased across a network depending on the target's write permissions, and you cannot solve the military-grade encryption algorithms used on the hostage files. A typical ransomware attack vector is tainted email, in which the target is tricked into responding to by means of a social engineering exploit known as spear phishing. This makes the email message to appear to come from a trusted source. Another popular attack vector is a poorly secured RDP port.
The ransomware variant CryptoLocker opened the new age of crypto-ransomware in 2013, and the monetary losses attributed to by the many versions of ransomware is said to be billions of dollars annually, more than doubling every two years. Famous examples include WannaCry, and Petya. Current high-profile threats like Ryuk, Sodinokibi and TeslaCrypt are more complex and have wreaked more damage than earlier versions. Even if your backup processes allow you to restore your ransomed data, you can still be threatened by so-called exfiltration, where stolen documents are exposed to the public. Because additional versions of ransomware are launched daily, there is no guarantee that conventional signature-matching anti-virus filters will detect the latest attack. If threat does appear in an email, it is critical that your end users have been taught to be aware of social engineering techniques. Your last line of defense is a sound process for scheduling and keeping remote backups plus the use of dependable recovery platforms.
Ask Progent About the ProSight Crypto-Ransomware Susceptibility Testing in Corpus Christi
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Assessment can bolster your defense against ransomware in Corpus Christi, phone Progent at 800-462-8800 or see Contact Progent.