Ransomware has become the weapon of choice for cybercriminals and malicious governments, posing a possibly existential threat to companies that are victimized. Modern variations of ransomware go after all vulnerable resources, including online backup, making even partial restoration a complex and expensive exercise. Novel strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, LockBit and Egregor have emerged, replacing WannaCry, Cerber, and NotPetya in prominence, elaborateness, and destructive impact.
90% of crypto-ransomware breaches are caused by innocent-seeming emails that include malicious hyperlinks or attachments, and a high percentage are "zero-day" attacks that can escape the defenses of traditional signature-matching antivirus (AV) tools. Although user training and frontline identification are critical to defend your network against ransomware, best practices dictate that you expect that some attacks will eventually succeed and that you implement a solid backup solution that enables you to recover rapidly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around a remote discussion with a Progent security expert skilled in ransomware defense and recovery. In the course of this assessment Progent will work directly with you to gather critical information concerning your cybersecurity profile and backup processes. Progent will utilize this data to generate a Basic Security and Best Practices Report detailing how to adhere to best practices for implementing and administering your cybersecurity and backup solution to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment focuses on vital areas associated with crypto-ransomware defense and restoration recovery. The review covers:
Cybersecurity
About Ransomware
Ransomware is a type of malicious software that encrypts or deletes files so they cannot be used or are publicized. Crypto-ransomware sometimes locks the victim's computer. To prevent the carnage, the target is asked to pay a certain amount of money, usually in the form of a crypto currency such as Bitcoin, within a brief period of time. It is not guaranteed that paying the extortion price will restore the damaged data or prevent its exposure to the public. Files can be encrypted or erased across a network depending on the victim's write permissions, and you cannot break the strong encryption technologies used on the hostage files. A typical ransomware delivery package is spoofed email, in which the target is lured into responding to by a social engineering technique known as spear phishing. This causes the email to look as though it came from a trusted source. Another common vulnerability is a poorly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by the many versions of ransomware is estimated at billions of dollars per year, more than doubling every other year. Notorious attacks include WannaCry, and NotPetya. Recent headline threats like Ryuk, DoppelPaymer and CryptoWall are more complex and have wreaked more havoc than older versions. Even if your backup/recovery procedures allow you to recover your encrypted files, you can still be hurt by so-called exfiltration, where stolen data are made public (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anti-virus filters will block a new attack. If threat does appear in an email, it is important that your end users have learned to be aware of social engineering tricks. Your ultimate protection is a sound process for performing and keeping remote backups plus the use of reliable restoration tools.
Contact Progent About the ProSight Ransomware Preparedness Report
For pricing details and to learn more about how Progent's ProSight Ransomware Vulnerability Checkup can enhance your protection against ransomware, call Progent at