Ransomware has been weaponized by cyber extortionists and rogue states, posing a potentially existential risk to businesses that are breached. Modern strains of crypto-ransomware target all vulnerable resources, including online backup, making even partial recovery a challenging and expensive process. Novel strains of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Nephilim have made the headlines, displacing WannaCry, Spora, and CryptoWall in notoriety, sophistication, and destructive impact.
90% of crypto-ransomware infections are the result of innocent-looking emails with malicious links or file attachments, and many are so-called "zero-day" strains that elude detection by traditional signature-based antivirus tools. Although user education and frontline identification are critical to defend against ransomware attacks, leading practices demand that you expect that some malware will eventually succeed and that you deploy a solid backup solution that enables you to restore files and services quickly with little if any damage.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service centered around an online interview with a Progent security expert experienced in ransomware defense and repair. During this interview Progent will work directly with your Curitiba IT managers to collect pertinent information concerning your cybersecurity posture and backup processes. Progent will utilize this data to produce a Basic Security and Best Practices Report documenting how to adhere to best practices for configuring and administering your cybersecurity and backup solution to prevent or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights vital areas related to crypto-ransomware prevention and restoration recovery. The report covers:
- Correct use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Optimal firewall setup
- Safe RDP connections
- Advice about AntiVirus tools selection and configuration
The online interview process for the ProSight Ransomware Preparedness Checkup service takes about one hour for a typical small business and requires more time for bigger or more complex IT environments. The report document features suggestions for improving your ability to ward off or recover from a ransomware attack and Progent can provide on-demand expertise to assist your business to create a cost-effective cybersecurity/backup solution customized for your specific requirements.
- Split permission model for backup protection
- Protecting key servers such as AD
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a form of malware that encrypts or deletes files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To avoid the damage, the target is asked to pay a specified amount of money, usually in the form of a crypto currency such as Bitcoin, within a short time window. It is never certain that paying the extortion price will restore the lost data or avoid its exposure to the public. Files can be altered or deleted across a network based on the target's write permissions, and you cannot solve the strong encryption algorithms used on the compromised files. A typical ransomware attack vector is spoofed email, whereby the user is lured into interacting with by a social engineering technique called spear phishing. This makes the email message to appear to come from a familiar sender. Another common vulnerability is a poorly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by the many strains of ransomware is said to be billions of dollars annually, more than doubling every other year. Famous examples are WannaCry, and Petya. Current headline threats like Ryuk, Sodinokibi and Cerber are more sophisticated and have wreaked more damage than earlier versions. Even if your backup processes allow your business to recover your encrypted files, you can still be hurt by so-called exfiltration, where ransomed documents are exposed to the public. Because additional variants of ransomware crop up every day, there is no certainty that traditional signature-based anti-virus tools will detect the latest attack. If an attack does appear in an email, it is critical that your users have learned to be aware of social engineering tricks. Your ultimate defense is a solid process for scheduling and retaining offsite backups plus the deployment of dependable restoration platforms.
Ask Progent About the ProSight Ransomware Readiness Consultation in Curitiba
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Vulnerability Audit can enhance your defense against ransomware in Curitiba, call Progent at 800-462-8800 or see Contact Progent.