Ransomware has been weaponized by cyber extortionists and malicious governments, posing a possibly existential threat to businesses that are breached. Current versions of ransomware go after all vulnerable resources, including online backup, making even partial restoration a complex and expensive exercise. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Nephilim have made the headlines, displacing Locky, TeslaCrypt, and CryptoWall in prominence, elaborateness, and destructive impact.
Most crypto-ransomware infections are caused by innocent-looking emails with dangerous links or attachments, and many are "zero-day" variants that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are important to protect against ransomware, best practices demand that you take for granted some malware will eventually get through and that you implement a solid backup solution that permits you to repair the damage rapidly with minimal damage.
Progent's ProSight Ransomware Preparedness Checkup is a low-cost service built around a remote discussion with a Progent security expert experienced in ransomware defense and repair. During this interview Progent will work directly with your Dallas network managers to gather critical data about your security setup and backup processes. Progent will utilize this information to generate a Basic Security and Best Practices Report documenting how to adhere to leading practices for configuring and managing your cybersecurity and backup solution to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key areas related to crypto-ransomware defense and restoration recovery. The report addresses:
- Effective allocation and use of administration accounts
- Correct NTFS and SMB authorizations
- Optimal firewall configuration
- Safe Remote Desktop Protocol connections
- Recommend AntiVirus filtering identification and configuration
The online interview for the ProSight Ransomware Vulnerability Assessment service lasts about one hour for a typical small company and longer for larger or more complex IT environments. The written report features suggestions for improving your ability to block or recover from a ransomware incident and Progent offers as-needed expertise to assist you to create an efficient security/data backup solution tailored to your specific requirements.
- Split permission architecture for backup integrity
- Protecting key servers such as AD
- Offsite backups with cloud backup to Azure
Ransomware is a variety of malware that encrypts or steals files so they cannot be used or are publicized. Ransomware sometimes locks the target's computer. To avoid the carnage, the victim is asked to send a specified amount of money (the ransom), typically via a crypto currency such as Bitcoin, within a short period of time. It is never certain that paying the ransom will recover the lost files or avoid its exposure to the public. Files can be altered or erased across a network based on the target's write permissions, and you cannot break the military-grade encryption algorithms used on the hostage files. A typical ransomware attack vector is tainted email, whereby the user is lured into interacting with by means of a social engineering exploit known as spear phishing. This causes the email message to appear to come from a familiar source. Another popular attack vector is an improperly protected RDP port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses caused by different versions of ransomware is estimated at billions of dollars annually, more than doubling every two years. Notorious attacks are WannaCry, and NotPetya. Recent high-profile threats like Ryuk, Maze and Cerber are more elaborate and have caused more havoc than earlier strains. Even if your backup processes permit your business to restore your encrypted files, you can still be hurt by exfiltration, where ransomed documents are made public. Because additional versions of ransomware are launched every day, there is no certainty that traditional signature-matching anti-virus tools will block the latest malware. If threat does show up in an email, it is critical that your end users have learned to be aware of phishing tricks. Your last line of defense is a sound scheme for scheduling and retaining remote backups and the deployment of dependable restoration tools.
Contact Progent About the ProSight Crypto-Ransomware Vulnerability Audit in Dallas
For pricing details and to learn more about how Progent's ProSight Ransomware Preparedness Testing can bolster your protection against ransomware in Dallas, phone Progent at 800-993-9400 or see Contact Progent.