Ransomware has been widely adopted by the major cyber-crime organizations and rogue states, representing a potentially lethal threat to businesses that are successfully attacked. Current versions of ransomware target all vulnerable resources, including backup, making even selective restoration a long and costly exercise. Novel variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Egregor have made the headlines, replacing Locky, Spora, and NotPetya in notoriety, elaborateness, and destructiveness.
Most crypto-ransomware breaches come from innocuous-seeming emails that have dangerous links or file attachments, and many are so-called "zero-day" strains that elude the defenses of traditional signature-based antivirus (AV) tools. While user training and frontline identification are critical to protect against ransomware attacks, best practices dictate that you take for granted some attacks will eventually succeed and that you deploy a strong backup mechanism that enables you to restore files and services quickly with minimal damage.
Progent's ProSight Ransomware Vulnerability Assessment is a low-cost service built around a remote interview with a Progent security consultant skilled in ransomware defense and repair. During this interview Progent will work directly with your Downers Grove network managers to gather critical data concerning your security profile and backup processes. Progent will utilize this information to create a Basic Security and Best Practices Report documenting how to follow leading practices for configuring and administering your cybersecurity and backup solution to block or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key issues associated with ransomware defense and restoration recovery. The report covers:
- Correct use of admin accounts
- Assigning NTFS and SMB authorizations
- Optimal firewall setup
- Safe RDP access
- Recommend AntiVirus tools selection and configuration
The online interview included with the ProSight Ransomware Preparedness Report service lasts about one hour for the average small business and requires more time for bigger or more complicated environments. The written report features recommendations for improving your ability to block or clean up after a ransomware assault and Progent can provide on-demand expertise to assist you to design and deploy an efficient cybersecurity/backup system tailored to your business requirements.
- Split permission architecture for backup integrity
- Backing up critical servers such as AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or deletes a victim's files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To avoid the carnage, the victim is required to send a specified amount of money, typically via a crypto currency like Bitcoin, within a brief time window. There is no guarantee that delivering the ransom will recover the lost data or prevent its exposure to the public. Files can be altered or erased throughout a network depending on the target's write permissions, and you cannot reverse engineer the strong encryption algorithms used on the hostage files. A typical ransomware attack vector is booby-trapped email, whereby the user is tricked into interacting with by means of a social engineering technique known as spear phishing. This causes the email message to look as though it came from a familiar source. Another common attack vector is an improperly secured RDP port.
The ransomware variant CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the monetary losses attributed to by different strains of ransomware is said to be billions of dollars annually, roughly doubling every other year. Notorious attacks are WannaCry, and Petya. Recent high-profile variants like Ryuk, DoppelPaymer and Spora are more sophisticated and have caused more havoc than earlier strains. Even if your backup/recovery processes enable you to restore your encrypted files, you can still be hurt by so-called exfiltration, where stolen data are made public (known as "doxxing"). Because additional variants of ransomware are launched every day, there is no guarantee that traditional signature-based anti-virus tools will detect a new malware. If an attack does show up in an email, it is important that your end users have been taught to identify social engineering tricks. Your ultimate protection is a sound scheme for scheduling and retaining remote backups plus the deployment of dependable restoration platforms.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Testing in Downers Grove
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Review can bolster your defense against crypto-ransomware in Downers Grove, phone Progent at 800-462-8800 or see Contact Progent.