Ransomware has been widely adopted by the major cyber-crime organizations and bad-actor governments, representing a potentially existential threat to businesses that fall victim. Modern variations of crypto-ransomware go after all vulnerable resources, including online backup, making even partial restoration a long and expensive process. New versions of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Egregor have emerged, displacing WannaCry, Spora, and Petya in notoriety, elaborateness, and destructiveness.
90% of crypto-ransomware penetrations are caused by innocent-seeming emails with dangerous links or attachments, and a high percentage are "zero-day" strains that can escape the defenses of traditional signature-based antivirus (AV) filters. While user education and up-front identification are important to defend your network against ransomware, best practices demand that you assume some malware will inevitably succeed and that you implement a solid backup mechanism that enables you to recover rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service centered around an online interview with a Progent cybersecurity expert skilled in ransomware protection and repair. In the course of this interview Progent will cooperate with your Detroit network managers to gather critical information concerning your security configuration and backup environment. Progent will use this data to generate a Basic Security and Best Practices Assessment documenting how to adhere to leading practices for configuring and administering your cybersecurity and backup systems to block or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key areas associated with ransomware defense and restoration recovery. The report addresses:
- Proper allocation and use of administration accounts
- Correct NTFS and SMB (Server Message Block) permissions
- Optimal firewall configuration
- Safe RDP access
- Recommend AntiVirus filtering selection and deployment
The remote interview included with the ProSight Ransomware Preparedness Report service takes about an hour for the average small business network and requires more time for bigger or more complex IT environments. The report document includes suggestions for improving your ability to ward off or clean up after a ransomware assault and Progent offers on-demand consulting services to help you to design and deploy a cost-effective cybersecurity/backup system tailored to your specific requirements.
- Split permission model for backup protection
- Backing up required servers such as AD
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a form of malware that encrypts or deletes a victim's files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To avoid the damage, the victim is required to send a specified ransom, usually in the form of a crypto currency like Bitcoin, within a brief period of time. There is no guarantee that delivering the ransom will restore the damaged files or avoid its publication. Files can be encrypted or erased throughout a network depending on the victim's write permissions, and you cannot solve the strong encryption algorithms used on the hostage files. A common ransomware delivery package is spoofed email, whereby the victim is lured into interacting with by a social engineering exploit known as spear phishing. This makes the email message to look as though it came from a trusted source. Another common attack vector is an improperly protected Remote Desktop Protocol port.
CryptoLocker opened the new age of crypto-ransomware in 2013, and the damage attributed to by the many strains of ransomware is said to be billions of dollars annually, more than doubling every other year. Notorious attacks include Locky, and Petya. Current headline variants like Ryuk, Maze and TeslaCrypt are more elaborate and have wreaked more damage than earlier strains. Even if your backup/recovery processes enable your business to restore your encrypted files, you can still be threatened by so-called exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because additional versions of ransomware are launched daily, there is no certainty that conventional signature-based anti-virus filters will block the latest attack. If an attack does appear in an email, it is important that your users have been taught to identify social engineering techniques. Your last line of defense is a sound scheme for performing and retaining remote backups and the deployment of dependable restoration tools.
Contact Progent About the ProSight Ransomware Preparedness Report in Detroit
For pricing details and to learn more about how Progent's ProSight Ransomware Susceptibility Review can bolster your protection against crypto-ransomware in Detroit, call Progent at 800-462-8800 or see Contact Progent.