Ransomware has been widely adopted by cybercriminals and bad-actor states, posing a potentially lethal threat to businesses that are victimized. Modern versions of crypto-ransomware target everything, including online backup, making even selective restoration a long and expensive process. New strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Nephilim have made the headlines, displacing WannaCry, TeslaCrypt, and CryptoWall in prominence, elaborateness, and destructiveness.
90% of crypto-ransomware breaches are the result of innocent-seeming emails that have dangerous links or attachments, and many are so-called "zero-day" attacks that elude the defenses of traditional signature-based antivirus (AV) filters. Although user education and frontline detection are important to defend against ransomware, best practices dictate that you take for granted some attacks will eventually succeed and that you put in place a solid backup solution that allows you to recover rapidly with little if any damage.
Progent's ProSight Ransomware Preparedness Report is a low-cost service built around a remote interview with a Progent security expert experienced in ransomware defense and repair. During this interview Progent will collaborate with your Downers Grove network managers to gather critical information concerning your security configuration and backup processes. Progent will utilize this data to create a Basic Security and Best Practices Report documenting how to adhere to best practices for configuring and managing your security and backup solution to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key areas related to ransomware defense and restoration recovery. The review addresses:
- Effective use of administration accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Optimal firewall settings
- Safe RDP access
- Recommend AntiVirus (AV) tools selection and configuration
The remote interview process included with the ProSight Ransomware Vulnerability Assessment service takes about one hour for a typical small company and longer for bigger or more complicated IT environments. The report document features suggestions for enhancing your ability to ward off or recover from a ransomware incident and Progent offers as-needed expertise to assist your business to create an efficient cybersecurity/backup system customized for your specific requirements.
- Split permission architecture for backup integrity
- Protecting critical servers including Active Directory
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or deletes a victim's files so they are unusable or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the damage, the target is asked to pay a specified ransom, usually in the form of a crypto currency like Bitcoin, within a short time window. It is never certain that paying the extortion price will restore the lost files or avoid its exposure to the public. Files can be encrypted or erased across a network depending on the target's write permissions, and you cannot break the military-grade encryption algorithms used on the hostage files. A common ransomware attack vector is spoofed email, whereby the target is lured into responding to by means of a social engineering technique called spear phishing. This makes the email to appear to come from a familiar sender. Another popular attack vector is an improperly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the damage caused by the many versions of ransomware is estimated at billions of dollars annually, more than doubling every other year. Famous examples include WannaCry, and NotPetya. Recent headline variants like Ryuk, DoppelPaymer and Cerber are more complex and have wreaked more damage than older strains. Even if your backup/recovery processes permit your business to recover your ransomed files, you can still be hurt by exfiltration, where stolen documents are made public. Because additional variants of ransomware crop up daily, there is no certainty that conventional signature-matching anti-virus filters will block a new attack. If threat does appear in an email, it is important that your users have been taught to identify phishing techniques. Your last line of defense is a sound process for scheduling and retaining offsite backups and the deployment of dependable recovery tools.
Contact Progent About the ProSight Ransomware Vulnerability Review in Downers Grove
For pricing information and to find out more about how Progent's ProSight Ransomware Preparedness Checkup can bolster your defense against ransomware in Downers Grove, phone Progent at 800-462-8800 or visit Contact Progent.