Ransomware has been weaponized by cyber extortionists and malicious states, posing a potentially existential risk to businesses that are victimized. The latest versions of ransomware go after everything, including online backup, making even partial recovery a complex and costly process. New versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Egregor have made the headlines, displacing Locky, TeslaCrypt, and Petya in prominence, sophistication, and destructiveness.
Most crypto-ransomware infections are the result of innocent-looking emails that have dangerous hyperlinks or attachments, and many are so-called "zero-day" strains that elude the defenses of traditional signature-matching antivirus (AV) filters. While user education and up-front detection are important to protect against ransomware attacks, leading practices demand that you assume some malware will eventually succeed and that you implement a strong backup mechanism that permits you to recover quickly with minimal damage.
Progent's ProSight Ransomware Vulnerability Assessment is a low-cost service centered around a remote interview with a Progent security expert experienced in ransomware protection and repair. During this interview Progent will cooperate directly with your Dallas network management staff to gather pertinent data about your security configuration and backup processes. Progent will utilize this information to produce a Basic Security and Best Practices Assessment detailing how to adhere to best practices for configuring and managing your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights vital issues associated with ransomware prevention and restoration recovery. The report covers:
- Correct use of administration accounts
- Assigning NTFS (New Technology File System) and SMB authorizations
- Proper firewall setup
- Secure RDP configuration
- Advice about AntiVirus (AV) tools identification and deployment
The remote interview for the ProSight Ransomware Vulnerability Report service takes about one hour for a typical small business and requires more time for bigger or more complicated environments. The written report contains recommendations for enhancing your ability to block or clean up after a ransomware assault and Progent offers as-needed expertise to help you and your IT staff to create a cost-effective cybersecurity/backup system tailored to your business needs.
- Split permission model for backup integrity
- Backing up critical servers including AD
- Offsite backups including cloud backup to Azure
Ransomware is a variety of malware that encrypts or deletes a victim's files so they are unusable or are publicized. Crypto-ransomware sometimes locks the victim's computer. To prevent the damage, the victim is asked to pay a specified ransom, typically in the form of a crypto currency like Bitcoin, within a short period of time. It is not guaranteed that delivering the extortion price will recover the damaged files or prevent its exposure to the public. Files can be altered or deleted throughout a network depending on the victim's write permissions, and you cannot break the military-grade encryption technologies used on the hostage files. A typical ransomware attack vector is spoofed email, in which the target is lured into interacting with by a social engineering exploit called spear phishing. This makes the email message to appear to come from a familiar source. Another common vulnerability is a poorly protected Remote Desktop Protocol port.
CryptoLocker opened the new age of crypto-ransomware in 2013, and the damage caused by different versions of ransomware is estimated at billions of dollars annually, roughly doubling every two years. Notorious attacks are WannaCry, and Petya. Recent high-profile variants like Ryuk, DoppelPaymer and TeslaCrypt are more complex and have wreaked more havoc than earlier strains. Even if your backup/recovery procedures enable your business to recover your ransomed files, you can still be hurt by exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because new variants of ransomware are launched every day, there is no guarantee that traditional signature-based anti-virus tools will block a new malware. If threat does show up in an email, it is critical that your end users have been taught to identify social engineering techniques. Your last line of protection is a solid process for performing and keeping remote backups and the use of reliable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Report in Dallas
For pricing information and to learn more about how Progent's ProSight Ransomware Vulnerability Testing can enhance your protection against ransomware in Dallas, phone Progent at 800-462-8800 or see Contact Progent.