Ransomware has been weaponized by the major cyber-crime organizations and rogue governments, representing a potentially lethal risk to businesses that are victimized. Current versions of crypto-ransomware target everything, including backup, making even partial restoration a challenging and expensive process. Novel versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have made the headlines, displacing Locky, TeslaCrypt, and NotPetya in notoriety, elaborateness, and destructiveness.
90% of crypto-ransomware infections come from innocuous-seeming emails with malicious hyperlinks or attachments, and a high percentage are "zero-day" strains that can escape detection by traditional signature-matching antivirus (AV) filters. Although user education and frontline detection are important to defend against ransomware, leading practices demand that you assume some malware will inevitably succeed and that you put in place a strong backup mechanism that enables you to restore files and services quickly with minimal losses.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around a remote interview with a Progent security expert skilled in ransomware defense and repair. During this interview Progent will work directly with your Detroit IT management staff to gather pertinent data concerning your security profile and backup environment. Progent will utilize this data to produce a Basic Security and Best Practices Report detailing how to follow best practices for implementing and administering your cybersecurity and backup solution to prevent or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Report focuses on key areas related to ransomware prevention and restoration recovery. The review covers:
- Effective use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Proper firewall configuration
- Secure RDP access
- Advice about AntiVirus (AV) filtering identification and configuration
The online interview process included with the ProSight Ransomware Vulnerability Checkup service takes about one hour for a typical small company and longer for larger or more complex environments. The report document features recommendations for enhancing your ability to block or recover from a ransomware incident and Progent can provide on-demand expertise to help you and your IT staff to design and deploy a cost-effective cybersecurity/backup solution tailored to your business requirements.
- Split permission architecture for backup protection
- Backing up key servers such as AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes a victim's files so they cannot be used or are publicized. Ransomware often locks the victim's computer. To avoid the carnage, the victim is asked to pay a certain amount of money (the ransom), typically in the form of a crypto currency like Bitcoin, within a brief period of time. It is not guaranteed that paying the ransom will recover the lost data or prevent its exposure to the public. Files can be altered or deleted throughout a network depending on the target's write permissions, and you cannot break the military-grade encryption technologies used on the compromised files. A typical ransomware attack vector is booby-trapped email, in which the target is tricked into responding to by a social engineering technique known as spear phishing. This causes the email message to appear to come from a trusted sender. Another popular vulnerability is an improperly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the damage caused by the many versions of ransomware is said to be billions of dollars annually, roughly doubling every other year. Famous examples are Locky, and Petya. Recent headline variants like Ryuk, Maze and CryptoWall are more elaborate and have caused more damage than older strains. Even if your backup/recovery procedures permit your business to restore your encrypted files, you can still be threatened by exfiltration, where ransomed data are exposed to the public (known as "doxxing"). Because additional versions of ransomware crop up daily, there is no certainty that conventional signature-matching anti-virus filters will detect the latest malware. If an attack does appear in an email, it is important that your users have learned to identify social engineering techniques. Your ultimate protection is a sound scheme for performing and keeping remote backups and the use of dependable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Report in Detroit
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Testing can enhance your defense against crypto-ransomware in Detroit, call Progent at 800-462-8800 or visit Contact Progent.