Ransomware has been weaponized by cyber extortionists and malicious governments, representing a possibly existential risk to companies that are successfully attacked. Modern variations of ransomware go after everything, including online backup, making even selective restoration a challenging and expensive exercise. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Nephilim have made the headlines, replacing Locky, Spora, and NotPetya in prominence, sophistication, and destructiveness.
Most ransomware infections are the result of innocent-seeming emails with malicious hyperlinks or attachments, and a high percentage are so-called "zero-day" strains that can escape detection by legacy signature-matching antivirus filters. Although user training and up-front identification are important to defend your network against ransomware attacks, leading practices dictate that you expect that some malware will eventually succeed and that you prepare a strong backup mechanism that allows you to repair the damage rapidly with minimal damage.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around an online interview with a Progent cybersecurity consultant skilled in ransomware defense and repair. In the course of this assessment Progent will work with your Glendale IT management staff to gather critical data concerning your security posture and backup environment. Progent will utilize this information to produce a Basic Security and Best Practices Assessment documenting how to apply best practices for configuring and administering your security and backup solution to prevent or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report focuses on vital issues related to ransomware defense and restoration recovery. The report addresses:
Security
About Ransomware
Ransomware is a form of malicious software that encrypts or deletes files so they are unusable or are publicized. Ransomware often locks the target's computer. To avoid the carnage, the target is required to send a specified ransom, usually via a crypto currency like Bitcoin, within a short period of time. It is not guaranteed that paying the extortion price will restore the damaged files or prevent its publication. Files can be encrypted or deleted across a network based on the victim's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the hostage files. A common ransomware attack vector is booby-trapped email, in which the user is lured into responding to by a social engineering exploit called spear phishing. This makes the email message to appear to come from a trusted sender. Another common vulnerability is an improperly secured RDP port.
The ransomware variant CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Famous examples include Locky, and Petya. Recent headline variants like Ryuk, Sodinokibi and Cerber are more sophisticated and have wreaked more damage than earlier strains. Even if your backup procedures enable you to restore your encrypted files, you can still be threatened by so-called exfiltration, where stolen documents are made public (known as "doxxing"). Because new versions of ransomware are launched daily, there is no guarantee that conventional signature-matching anti-virus tools will detect the latest attack. If threat does show up in an email, it is important that your users have been taught to identify phishing tricks. Your ultimate defense is a sound process for scheduling and keeping remote backups and the use of reliable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Susceptibility Evaluation in Glendale
For pricing information and to find out more about how Progent's ProSight Ransomware Readiness Review can enhance your protection against crypto-ransomware in Glendale, call Progent at