Ransomware has been weaponized by cyber extortionists and malicious governments, posing a possibly existential risk to companies that are successfully attacked. Current versions of ransomware target all vulnerable resources, including online backup, making even selective restoration a challenging and costly exercise. Novel versions of ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Nephilim have made the headlines, displacing WannaCry, Spora, and CryptoWall in notoriety, sophistication, and destructive impact.
Most ransomware infections come from innocent-seeming emails that include dangerous hyperlinks or file attachments, and many are so-called "zero-day" variants that elude detection by legacy signature-based antivirus tools. Although user training and frontline identification are critical to defend against ransomware, best practices dictate that you take for granted some malware will eventually get through and that you prepare a solid backup mechanism that enables you to restore files and services rapidly with minimal damage.
Progent's ProSight Ransomware Vulnerability Assessment is a low-cost service built around an online discussion with a Progent cybersecurity consultant skilled in ransomware protection and recovery. During this interview Progent will work directly with your Hayward IT management staff to collect critical data concerning your security profile and backup environment. Progent will utilize this information to generate a Basic Security and Best Practices Assessment detailing how to follow best practices for configuring and managing your cybersecurity and backup solution to block or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on key areas associated with ransomware prevention and restoration recovery. The review covers:
Security
About Ransomware
Ransomware is a type of malware that encrypts or steals files so they cannot be used or are publicized. Ransomware often locks the target's computer. To avoid the damage, the victim is required to send a specified ransom, usually via a crypto currency like Bitcoin, within a short period of time. It is never certain that delivering the ransom will recover the lost files or prevent its publication. Files can be altered or deleted throughout a network depending on the victim's write permissions, and you cannot reverse engineer the strong encryption technologies used on the compromised files. A typical ransomware delivery package is tainted email, whereby the target is lured into responding to by means of a social engineering exploit called spear phishing. This makes the email message to appear to come from a trusted source. Another common vulnerability is a poorly protected RDP port.
CryptoLocker opened the new age of ransomware in 2013, and the monetary losses attributed to by the many versions of ransomware is estimated at billions of dollars per year, more than doubling every other year. Notorious attacks are WannaCry, and NotPetya. Current headline threats like Ryuk, DoppelPaymer and Spora are more complex and have wreaked more damage than earlier strains. Even if your backup/recovery processes enable you to restore your ransomed data, you can still be hurt by exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because new variants of ransomware are launched daily, there is no certainty that conventional signature-based anti-virus tools will block a new attack. If threat does appear in an email, it is important that your end users have learned to be aware of social engineering tricks. Your ultimate defense is a sound process for performing and retaining remote backups and the deployment of dependable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Vulnerability Consultation in Hayward
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Consultation can enhance your protection against ransomware in Hayward, phone Progent at