Ransomware has been widely adopted by the major cyber-crime organizations and bad-actor states, posing a possibly existential threat to companies that are victimized. The latest strains of crypto-ransomware go after everything, including online backup, making even selective restoration a complex and costly process. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have made the headlines, replacing WannaCry, Cerber, and CryptoWall in notoriety, elaborateness, and destructiveness.
Most crypto-ransomware infections are caused by innocent-looking emails that have malicious hyperlinks or file attachments, and a high percentage are "zero-day" strains that elude detection by legacy signature-matching antivirus (AV) filters. Although user training and frontline detection are important to protect against ransomware, leading practices demand that you take for granted some attacks will inevitably get through and that you prepare a strong backup mechanism that enables you to restore files and services quickly with little if any losses.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service centered around a remote interview with a Progent cybersecurity expert skilled in ransomware protection and recovery. During this assessment Progent will collaborate with your Curitiba IT management staff to gather critical information about your cybersecurity profile and backup processes. Progent will utilize this information to produce a Basic Security and Best Practices Report detailing how to adhere to leading practices for implementing and administering your security and backup systems to prevent or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report highlights vital issues associated with crypto-ransomware prevention and restoration recovery. The review covers:
- Proper use of admin accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Proper firewall configuration
- Secure RDP configuration
- Recommend AntiVirus (AV) tools identification and configuration
The online interview for the ProSight Ransomware Preparedness Checkup service takes about one hour for a typical small company and longer for larger or more complicated environments. The written report includes recommendations for improving your ability to ward off or clean up after a ransomware attack and Progent can provide on-demand consulting services to help you and your IT staff to design and deploy a cost-effective cybersecurity/backup system tailored to your specific needs.
- Split permission model for backup integrity
- Backing up key servers including AD
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a variety of malware that encrypts or deletes files so they cannot be used or are made publicly available. Ransomware sometimes locks the target's computer. To prevent the damage, the target is required to pay a specified amount of money (the ransom), typically via a crypto currency such as Bitcoin, within a brief time window. There is no guarantee that delivering the extortion price will restore the lost files or prevent its exposure to the public. Files can be encrypted or erased across a network depending on the target's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the hostage files. A typical ransomware attack vector is tainted email, in which the target is lured into interacting with by a social engineering technique known as spear phishing. This makes the email message to look as though it came from a trusted sender. Another common vulnerability is a poorly secured RDP port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is said to be billions of dollars annually, roughly doubling every other year. Famous attacks include WannaCry, and NotPetya. Recent headline threats like Ryuk, Maze and CryptoWall are more complex and have wreaked more havoc than older versions. Even if your backup/recovery processes permit your business to restore your ransomed files, you can still be hurt by exfiltration, where stolen documents are exposed to the public. Because additional versions of ransomware are launched every day, there is no certainty that traditional signature-based anti-virus filters will block a new malware. If an attack does appear in an email, it is important that your end users have been taught to identify social engineering tricks. Your last line of defense is a solid scheme for performing and keeping offsite backups plus the deployment of reliable restoration tools.
Ask Progent About the ProSight Ransomware Susceptibility Assessment in Curitiba
For pricing information and to find out more about how Progent's ProSight Ransomware Preparedness Report can bolster your defense against crypto-ransomware in Curitiba, phone Progent at 800-462-8800 or see Contact Progent.