Ransomware has become the weapon of choice for cybercriminals and bad-actor governments, representing a potentially existential threat to companies that are successfully attacked. Current versions of ransomware go after everything, including online backup, making even partial restoration a challenging and expensive exercise. New versions of ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Nephilim have made the headlines, replacing Locky, Spora, and Petya in prominence, sophistication, and destructiveness.
90% of crypto-ransomware infections are the result of innocuous-seeming emails that have malicious hyperlinks or attachments, and many are so-called "zero-day" strains that can escape the defenses of traditional signature-matching antivirus (AV) filters. Although user education and frontline detection are important to defend against ransomware, leading practices demand that you assume some attacks will eventually succeed and that you implement a solid backup solution that allows you to restore files and services quickly with little if any damage.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around a remote discussion with a Progent security consultant experienced in ransomware defense and repair. In the course of this assessment Progent will work with your Downers Grove IT managers to collect critical information concerning your security profile and backup processes. Progent will use this data to create a Basic Security and Best Practices Assessment detailing how to adhere to leading practices for implementing and administering your cybersecurity and backup solution to prevent or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital areas related to crypto-ransomware defense and restoration recovery. The report addresses:
- Effective allocation and use of administration accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Optimal firewall setup
- Secure RDP access
- Guidance for AntiVirus (AV) tools selection and configuration
The online interview process included with the ProSight Ransomware Vulnerability Report service takes about an hour for a typical small business and longer for larger or more complex environments. The written report features recommendations for enhancing your ability to ward off or recover from a ransomware attack and Progent can provide on-demand consulting services to help your business to design and deploy an efficient security/backup system tailored to your business requirements.
- Split permission architecture for backup protection
- Backing up key servers such as AD
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a form of malware that encrypts or steals files so they cannot be used or are made publicly available. Ransomware sometimes locks the victim's computer. To prevent the carnage, the target is required to pay a specified amount of money, usually in the form of a crypto currency like Bitcoin, within a brief period of time. It is never certain that delivering the extortion price will restore the damaged files or avoid its exposure to the public. Files can be altered or erased throughout a network depending on the victim's write permissions, and you cannot reverse engineer the strong encryption technologies used on the hostage files. A common ransomware delivery package is tainted email, whereby the target is tricked into responding to by means of a social engineering technique called spear phishing. This makes the email to appear to come from a familiar source. Another common attack vector is a poorly protected Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the modern era of crypto-ransomware in 2013, and the monetary losses caused by different versions of ransomware is estimated at billions of dollars per year, more than doubling every other year. Famous examples are WannaCry, and NotPetya. Current high-profile variants like Ryuk, Sodinokibi and TeslaCrypt are more complex and have caused more damage than older versions. Even if your backup/recovery processes permit you to restore your ransomed data, you can still be threatened by so-called exfiltration, where ransomed documents are exposed to the public. Because new versions of ransomware are launched every day, there is no certainty that conventional signature-matching anti-virus tools will block a new attack. If threat does show up in an email, it is important that your end users have learned to identify phishing tricks. Your last line of defense is a solid process for performing and keeping remote backups plus the deployment of reliable restoration platforms.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Evaluation in Downers Grove
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Consultation can bolster your protection against ransomware in Downers Grove, phone Progent at 800-462-8800 or visit Contact Progent.