Ransomware has been weaponized by cyber extortionists and malicious governments, posing a potentially lethal risk to companies that fall victim. Current variations of ransomware target all vulnerable resources, including online backup, making even selective restoration a challenging and costly process. Novel versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Egregor have made the headlines, replacing WannaCry, Spora, and Petya in prominence, elaborateness, and destructiveness.
Most crypto-ransomware infections come from innocuous-seeming emails that include malicious links or attachments, and a high percentage are "zero-day" attacks that can escape detection by legacy signature-based antivirus (AV) filters. Although user training and frontline identification are important to defend against ransomware, best practices demand that you expect that some attacks will eventually succeed and that you deploy a solid backup solution that allows you to restore files and services rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online discussion with a Progent cybersecurity consultant experienced in ransomware protection and recovery. In the course of this interview Progent will collaborate with your Glendale network managers to gather pertinent data about your security profile and backup environment. Progent will utilize this data to create a Basic Security and Best Practices Assessment documenting how to apply best practices for configuring and managing your cybersecurity and backup solution to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key areas associated with ransomware defense and restoration recovery. The review addresses:
- Proper allocation and use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Optimal firewall configuration
- Secure Remote Desktop Protocol (RDP) configuration
- Advice about AntiVirus (AV) tools identification and deployment
The remote interview for the ProSight Ransomware Preparedness Report service takes about an hour for the average small business and longer for bigger or more complicated IT environments. The report document contains recommendations for enhancing your ability to block or recover from a ransomware incident and Progent offers on-demand expertise to help you and your IT staff to design and deploy a cost-effective security/data backup solution customized for your specific needs.
- Split permission architecture for backup protection
- Protecting required servers such as Active Directory
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a form of malware that encrypts or deletes a victim's files so they cannot be used or are made publicly available. Ransomware sometimes locks the victim's computer. To avoid the damage, the victim is asked to pay a specified amount of money, typically via a crypto currency like Bitcoin, within a brief period of time. It is not guaranteed that delivering the ransom will restore the lost files or prevent its exposure to the public. Files can be altered or deleted across a network based on the target's write permissions, and you cannot solve the strong encryption technologies used on the hostage files. A typical ransomware attack vector is booby-trapped email, whereby the user is tricked into responding to by a social engineering exploit known as spear phishing. This causes the email message to look as though it came from a trusted sender. Another common vulnerability is a poorly secured RDP port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses attributed to by different versions of ransomware is estimated at billions of dollars per year, roughly doubling every other year. Famous attacks are Locky, and Petya. Recent headline threats like Ryuk, Sodinokibi and Cerber are more elaborate and have caused more damage than earlier strains. Even if your backup/recovery procedures enable you to restore your encrypted data, you can still be hurt by exfiltration, where ransomed documents are made public. Because new versions of ransomware crop up daily, there is no guarantee that conventional signature-based anti-virus filters will detect a new attack. If an attack does appear in an email, it is important that your end users have been taught to be aware of phishing tricks. Your ultimate defense is a sound process for scheduling and retaining offsite backups plus the deployment of dependable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Vulnerability Checkup in Glendale
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Audit can bolster your protection against crypto-ransomware in Glendale, call Progent at 800-993-9400 or visit Contact Progent.