Ransomware has been weaponized by cybercriminals and rogue governments, representing a potentially existential risk to companies that are breached. The latest strains of ransomware go after everything, including backup, making even partial restoration a long and costly exercise. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Egregor have made the headlines, replacing Locky, Spora, and Petya in prominence, elaborateness, and destructive impact.
90% of crypto-ransomware penetrations are caused by innocuous-seeming emails with malicious hyperlinks or file attachments, and a high percentage are "zero-day" strains that elude the defenses of legacy signature-based antivirus (AV) filters. While user education and up-front identification are important to protect against ransomware, leading practices demand that you expect that some attacks will inevitably succeed and that you put in place a solid backup solution that allows you to repair the damage quickly with minimal losses.
Progent's ProSight Ransomware Preparedness Checkup is a low-cost service centered around an online discussion with a Progent security expert experienced in ransomware defense and repair. During this assessment Progent will work with your Fargo IT managers to gather pertinent information about your security posture and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Report documenting how to apply best practices for configuring and managing your cybersecurity and backup solution to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights key areas associated with crypto-ransomware defense and restoration recovery. The review addresses:
Security
About Ransomware
Ransomware is a form of malicious software that encrypts or steals a victim's files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To avoid the carnage, the target is asked to pay a specified amount of money, usually via a crypto currency like Bitcoin, within a brief time window. There is no guarantee that delivering the ransom will recover the lost files or avoid its publication. Files can be altered or deleted across a network depending on the victim's write permissions, and you cannot break the strong encryption algorithms used on the hostage files. A typical ransomware attack vector is spoofed email, whereby the target is tricked into responding to by means of a social engineering exploit called spear phishing. This causes the email to appear to come from a familiar source. Another common vulnerability is an improperly protected RDP port.
CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by different strains of ransomware is said to be billions of dollars annually, roughly doubling every two years. Notorious attacks include WannaCry, and Petya. Current high-profile threats like Ryuk, DoppelPaymer and Cerber are more elaborate and have wreaked more damage than older strains. Even if your backup/recovery procedures allow you to restore your encrypted files, you can still be hurt by exfiltration, where stolen documents are made public (known as "doxxing"). Because additional variants of ransomware are launched daily, there is no guarantee that conventional signature-based anti-virus tools will block a new malware. If an attack does appear in an email, it is critical that your end users have been taught to identify phishing techniques. Your ultimate defense is a sound process for performing and retaining offsite backups plus the deployment of reliable restoration platforms.
Contact Progent About the ProSight Ransomware Preparedness Testing in Fargo
For pricing details and to learn more about how Progent's ProSight Ransomware Vulnerability Evaluation can bolster your protection against ransomware in Fargo, call Progent at