Ransomware has been widely adopted by the major cyber-crime organizations and malicious governments, posing a potentially lethal threat to companies that are breached. The latest strains of crypto-ransomware target everything, including online backup, making even partial restoration a complex and costly exercise. New strains of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Nephilim have made the headlines, replacing Locky, TeslaCrypt, and CryptoWall in prominence, sophistication, and destructiveness.
Most ransomware penetrations come from innocent-seeming emails with malicious links or attachments, and many are "zero-day" attacks that can escape the defenses of legacy signature-matching antivirus tools. Although user training and up-front detection are critical to defend against ransomware, leading practices dictate that you assume some malware will eventually succeed and that you prepare a strong backup mechanism that allows you to restore files and services rapidly with little if any damage.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around an online interview with a Progent security expert skilled in ransomware defense and recovery. During this interview Progent will work directly with you to gather pertinent data concerning your cybersecurity profile and backup processes. Progent will utilize this information to create a Basic Security and Best Practices Report detailing how to follow leading practices for implementing and administering your security and backup systems to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report focuses on vital issues related to crypto-ransomware prevention and restoration recovery. The review addresses:
Cybersecurity
About Ransomware
Ransomware is a form of malware that encrypts or deletes files so they cannot be used or are publicized. Crypto-ransomware sometimes locks the victim's computer. To avoid the damage, the target is required to pay a specified amount of money, typically via a crypto currency such as Bitcoin, within a short time window. It is not guaranteed that paying the ransom will restore the lost files or prevent its exposure to the public. Files can be altered or deleted across a network depending on the victim's write permissions, and you cannot break the strong encryption technologies used on the hostage files. A common ransomware attack vector is booby-trapped email, whereby the target is lured into responding to by means of a social engineering technique called spear phishing. This makes the email to look as though it came from a trusted source. Another common attack vector is a poorly protected RDP port.
CryptoLocker opened the new age of ransomware in 2013, and the damage attributed to by the many strains of ransomware is estimated at billions of dollars per year, more than doubling every two years. Notorious examples include WannaCry, and Petya. Recent high-profile threats like Ryuk, Maze and CryptoWall are more elaborate and have caused more damage than older versions. Even if your backup processes enable you to restore your ransomed files, you can still be hurt by exfiltration, where stolen data are exposed to the public. Because new variants of ransomware crop up daily, there is no certainty that traditional signature-based anti-virus tools will block the latest attack. If an attack does appear in an email, it is critical that your users have learned to be aware of social engineering techniques. Your last line of protection is a sound scheme for performing and keeping offsite backups and the use of dependable restoration platforms.
Ask Progent About the ProSight Ransomware Vulnerability Assessment
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Checkup can enhance your protection against ransomware, call Progent at