Ransomware has been weaponized by cyber extortionists and bad-actor governments, posing a possibly existential threat to companies that fall victim. Modern variations of crypto-ransomware go after everything, including backup, making even selective recovery a complex and costly process. New versions of ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, LockBit and Nephilim have made the headlines, replacing WannaCry, TeslaCrypt, and NotPetya in prominence, elaborateness, and destructiveness.
90% of crypto-ransomware infections are caused by innocent-looking emails that include dangerous links or attachments, and many are "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) filters. Although user education and up-front identification are critical to defend against ransomware attacks, best practices dictate that you take for granted some attacks will inevitably get through and that you deploy a strong backup solution that permits you to recover rapidly with little if any damage.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service built around an online interview with a Progent cybersecurity consultant skilled in ransomware defense and recovery. During this interview Progent will cooperate with your Durham network managers to collect critical data about your cybersecurity setup and backup environment. Progent will use this information to generate a Basic Security and Best Practices Assessment detailing how to apply leading practices for implementing and managing your security and backup solution to prevent or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital issues associated with crypto-ransomware defense and restoration recovery. The report addresses:
Cybersecurity
About Ransomware
Ransomware is a variety of malicious software that encrypts or deletes a victim's files so they cannot be used or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the carnage, the victim is required to send a certain amount of money, typically in the form of a crypto currency such as Bitcoin, within a short time window. It is not guaranteed that paying the ransom will restore the damaged data or avoid its publication. Files can be altered or deleted across a network based on the victim's write permissions, and you cannot reverse engineer the strong encryption algorithms used on the hostage files. A typical ransomware attack vector is tainted email, in which the target is lured into interacting with by a social engineering technique called spear phishing. This causes the email to appear to come from a trusted source. Another common vulnerability is a poorly secured Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses caused by the many versions of ransomware is estimated at billions of dollars per year, roughly doubling every other year. Famous examples are Locky, and Petya. Recent high-profile threats like Ryuk, DoppelPaymer and Spora are more complex and have wreaked more havoc than older strains. Even if your backup/recovery processes allow you to restore your encrypted data, you can still be threatened by so-called exfiltration, where ransomed documents are made public. Because new variants of ransomware crop up daily, there is no certainty that conventional signature-matching anti-virus filters will block the latest attack. If threat does appear in an email, it is important that your end users have been taught to be aware of social engineering techniques. Your ultimate protection is a solid process for scheduling and retaining offsite backups and the use of reliable restoration tools.
Contact Progent About the ProSight Crypto-Ransomware Vulnerability Review in Durham
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Evaluation can bolster your defense against crypto-ransomware in Durham, phone Progent at