Ransomware has been weaponized by the major cyber-crime organizations and malicious governments, posing a possibly existential risk to companies that are successfully attacked. Current variations of crypto-ransomware target everything, including online backup, making even partial restoration a complex and costly exercise. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Conti and Nephilim have emerged, replacing WannaCry, Cerber, and Petya in notoriety, elaborateness, and destructiveness.
90% of crypto-ransomware infections are the result of innocuous-looking emails with dangerous links or attachments, and a high percentage are "zero-day" variants that can escape detection by legacy signature-matching antivirus tools. While user education and frontline detection are critical to defend your network against ransomware attacks, best practices dictate that you assume some attacks will eventually get through and that you prepare a strong backup solution that enables you to restore files and services quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service centered around an online discussion with a Progent security consultant skilled in ransomware defense and recovery. In the course of this interview Progent will collaborate with your Fresno network managers to gather pertinent information about your security configuration and backup environment. Progent will use this information to create a Basic Security and Best Practices Assessment detailing how to apply leading practices for configuring and administering your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key issues related to ransomware prevention and restoration recovery. The review covers:
- Correct use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Optimal firewall setup
- Secure Remote Desktop Protocol (RDP) configuration
- Guidance for AntiVirus tools selection and configuration
The online interview included with the ProSight Ransomware Vulnerability Report service takes about one hour for the average small business network and requires more time for bigger or more complicated environments. The report document contains recommendations for enhancing your ability to ward off or clean up after a ransomware attack and Progent offers as-needed consulting services to help you to design and deploy a cost-effective cybersecurity/data backup system customized for your specific needs.
- Split permission model for backup integrity
- Backing up required servers such as Active Directory
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes a victim's files so they are unusable or are made publicly available. Crypto-ransomware often locks the victim's computer. To prevent the damage, the victim is asked to pay a certain amount of money, usually via a crypto currency such as Bitcoin, within a short period of time. There is no guarantee that delivering the extortion price will restore the damaged data or prevent its publication. Files can be altered or deleted across a network depending on the victim's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A typical ransomware attack vector is spoofed email, whereby the victim is tricked into interacting with by a social engineering technique called spear phishing. This causes the email message to look as though it came from a familiar source. Another popular vulnerability is an improperly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the new age of crypto-ransomware in 2013, and the monetary losses attributed to by different versions of ransomware is said to be billions of dollars annually, roughly doubling every two years. Famous attacks include WannaCry, and Petya. Current headline threats like Ryuk, Maze and Spora are more sophisticated and have wreaked more havoc than earlier versions. Even if your backup processes enable your business to restore your ransomed files, you can still be hurt by exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because new variants of ransomware are launched every day, there is no certainty that conventional signature-matching anti-virus tools will block the latest malware. If an attack does show up in an email, it is important that your end users have learned to identify phishing techniques. Your ultimate defense is a sound process for performing and retaining remote backups and the use of reliable restoration platforms.
Ask Progent About the ProSight Ransomware Susceptibility Checkup in Fresno
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Audit can bolster your protection against ransomware in Fresno, call Progent at 800-993-9400 or visit Contact Progent.