Ransomware has been widely adopted by cybercriminals and bad-actor governments, posing a possibly existential risk to businesses that are victimized. Modern strains of ransomware go after all vulnerable resources, including backup, making even selective recovery a long and costly process. Novel strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Egregor have emerged, replacing WannaCry, Spora, and NotPetya in prominence, sophistication, and destructive impact.
Most crypto-ransomware penetrations are caused by innocent-seeming emails that include malicious links or file attachments, and many are so-called "zero-day" strains that can escape detection by traditional signature-based antivirus (AV) tools. While user training and frontline detection are important to protect against ransomware, leading practices demand that you expect that some malware will eventually get through and that you implement a strong backup mechanism that allows you to repair the damage rapidly with minimal damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online interview with a Progent security consultant skilled in ransomware protection and recovery. During this interview Progent will collaborate with your Fort Lauderdale network managers to gather pertinent information concerning your security configuration and backup environment. Progent will utilize this data to produce a Basic Security and Best Practices Report detailing how to adhere to best practices for configuring and managing your cybersecurity and backup systems to prevent or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital areas associated with crypto-ransomware defense and restoration recovery. The review addresses:
- Effective allocation and use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Optimal firewall configuration
- Secure Remote Desktop Protocol configuration
- Advice about AntiVirus (AV) filtering identification and deployment
The remote interview included with the ProSight Ransomware Vulnerability Report service takes about one hour for a typical small company and requires more time for bigger or more complicated environments. The report document contains recommendations for enhancing your ability to block or clean up after a ransomware attack and Progent offers as-needed expertise to assist you to create a cost-effective security/backup system tailored to your specific requirements.
- Split permission model for backup integrity
- Protecting key servers including AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a form of malware that encrypts or deletes a victim's files so they are unusable or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To avoid the carnage, the target is required to send a specified amount of money (the ransom), usually via a crypto currency such as Bitcoin, within a brief period of time. It is not guaranteed that paying the extortion price will recover the lost files or prevent its exposure to the public. Files can be altered or deleted across a network based on the target's write permissions, and you cannot solve the strong encryption technologies used on the hostage files. A common ransomware attack vector is tainted email, in which the user is tricked into responding to by a social engineering exploit called spear phishing. This makes the email to appear to come from a familiar sender. Another common vulnerability is an improperly protected Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the modern era of crypto-ransomware in 2013, and the monetary losses caused by the many strains of ransomware is estimated at billions of dollars annually, more than doubling every two years. Notorious attacks include WannaCry, and Petya. Recent headline variants like Ryuk, Sodinokibi and Cerber are more elaborate and have wreaked more havoc than earlier strains. Even if your backup procedures allow your business to restore your encrypted files, you can still be hurt by so-called exfiltration, where stolen documents are exposed to the public. Because additional variants of ransomware crop up every day, there is no guarantee that conventional signature-matching anti-virus tools will block a new attack. If an attack does appear in an email, it is critical that your users have learned to identify phishing techniques. Your last line of protection is a solid process for performing and retaining remote backups plus the use of reliable restoration platforms.
Ask Progent About the ProSight Ransomware Susceptibility Evaluation in Fort Lauderdale
For pricing information and to learn more about how Progent's ProSight Ransomware Readiness Assessment can bolster your protection against ransomware in Fort Lauderdale, call Progent at 800-993-9400 or see Contact Progent.