Ransomware has been widely adopted by the major cyber-crime organizations and malicious states, posing a potentially lethal risk to companies that are breached. Modern versions of crypto-ransomware target all vulnerable resources, including backup, making even selective recovery a challenging and costly process. New versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Nephilim have emerged, displacing WannaCry, Spora, and NotPetya in notoriety, elaborateness, and destructiveness.
90% of crypto-ransomware penetrations come from innocent-looking emails that include malicious hyperlinks or attachments, and a high percentage are "zero-day" strains that elude the defenses of traditional signature-matching antivirus (AV) tools. While user education and frontline identification are important to defend your network against ransomware attacks, leading practices dictate that you assume some malware will inevitably get through and that you prepare a strong backup solution that enables you to recover quickly with little if any losses.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service built around an online discussion with a Progent cybersecurity consultant experienced in ransomware protection and repair. In the course of this assessment Progent will collaborate with your Curitiba IT management staff to gather critical information concerning your cybersecurity configuration and backup environment. Progent will use this data to produce a Basic Security and Best Practices Assessment detailing how to follow leading practices for implementing and managing your security and backup systems to block or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report focuses on vital issues associated with crypto-ransomware prevention and restoration recovery. The review addresses:
- Effective use of admin accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Proper firewall configuration
- Safe Remote Desktop Protocol (RDP) connections
- Recommend AntiVirus filtering identification and deployment
The online interview process for the ProSight Ransomware Vulnerability Checkup service takes about one hour for the average small business and requires more time for bigger or more complex IT environments. The written report features suggestions for enhancing your ability to block or recover from a ransomware attack and Progent offers as-needed expertise to assist you and your IT staff to create an efficient security/data backup system customized for your business needs.
- Split permission model for backup protection
- Backing up critical servers such as Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or steals a victim's files so they are unusable or are publicized. Ransomware sometimes locks the target's computer. To prevent the carnage, the victim is required to send a certain amount of money, usually in the form of a crypto currency such as Bitcoin, within a brief time window. There is no guarantee that delivering the extortion price will restore the lost files or avoid its exposure to the public. Files can be altered or deleted throughout a network depending on the target's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A common ransomware attack vector is booby-trapped email, in which the user is lured into responding to by means of a social engineering technique known as spear phishing. This makes the email message to look as though it came from a trusted source. Another common vulnerability is a poorly secured Remote Desktop Protocol (RDP) port.
CryptoLocker opened the new age of ransomware in 2013, and the monetary losses attributed to by the many versions of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Famous attacks are WannaCry, and Petya. Current headline variants like Ryuk, Sodinokibi and Spora are more complex and have wreaked more damage than older versions. Even if your backup procedures permit your business to restore your encrypted data, you can still be hurt by exfiltration, where ransomed documents are exposed to the public (known as "doxxing"). Because new versions of ransomware crop up daily, there is no certainty that conventional signature-matching anti-virus tools will block the latest attack. If threat does show up in an email, it is important that your users have learned to identify social engineering tricks. Your last line of defense is a sound scheme for performing and retaining remote backups and the use of dependable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Audit in Curitiba
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Audit can bolster your defense against ransomware in Curitiba, call Progent at 800-462-8800 or visit Contact Progent.