Ransomware has been widely adopted by cybercriminals and bad-actor states, posing a possibly lethal threat to businesses that are successfully attacked. Modern versions of ransomware target everything, including online backup, making even selective restoration a complex and costly exercise. Novel variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Egregor have made the headlines, displacing WannaCry, Cerber, and NotPetya in notoriety, elaborateness, and destructive impact.
Most ransomware penetrations are the result of innocuous-looking emails that include dangerous hyperlinks or attachments, and a high percentage are so-called "zero-day" strains that elude the defenses of traditional signature-based antivirus tools. While user education and frontline identification are important to defend against ransomware attacks, leading practices dictate that you assume some attacks will inevitably succeed and that you put in place a solid backup solution that permits you to recover quickly with minimal damage.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service centered around an online discussion with a Progent cybersecurity expert experienced in ransomware protection and recovery. In the course of this interview Progent will work directly with your Durham IT management staff to gather pertinent data about your security profile and backup environment. Progent will utilize this data to produce a Basic Security and Best Practices Assessment documenting how to adhere to best practices for configuring and managing your security and backup systems to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key areas related to ransomware defense and restoration recovery. The report addresses:
Security
About Ransomware
Ransomware is a form of malicious software that encrypts or deletes files so they are unusable or are publicized. Ransomware often locks the victim's computer. To prevent the carnage, the target is asked to pay a specified amount of money, usually via a crypto currency such as Bitcoin, within a brief period of time. There is no guarantee that delivering the extortion price will restore the lost files or prevent its exposure to the public. Files can be altered or deleted across a network depending on the victim's write permissions, and you cannot break the military-grade encryption technologies used on the compromised files. A common ransomware attack vector is spoofed email, in which the victim is tricked into responding to by a social engineering technique called spear phishing. This causes the email message to appear to come from a trusted sender. Another popular attack vector is a poorly protected Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses attributed to by the many versions of ransomware is estimated at billions of dollars per year, more than doubling every two years. Notorious examples include Locky, and NotPetya. Recent high-profile threats like Ryuk, Sodinokibi and TeslaCrypt are more complex and have wreaked more damage than earlier strains. Even if your backup/recovery procedures enable you to recover your encrypted files, you can still be hurt by exfiltration, where ransomed documents are exposed to the public (known as "doxxing"). Because new variants of ransomware are launched daily, there is no guarantee that conventional signature-matching anti-virus tools will block a new attack. If threat does appear in an email, it is important that your end users have been taught to be aware of social engineering tricks. Your ultimate protection is a solid scheme for performing and keeping remote backups and the use of reliable recovery platforms.
Ask Progent About the ProSight Ransomware Readiness Review in Durham
For pricing details and to find out more about how Progent's ProSight Ransomware Readiness Consultation can bolster your protection against crypto-ransomware in Durham, call Progent at