Ransomware has been weaponized by cyber extortionists and malicious governments, posing a potentially existential risk to companies that are successfully attacked. Modern variations of ransomware target everything, including online backup, making even partial recovery a complex and costly exercise. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, LockBit and Nephilim have made the headlines, displacing WannaCry, Spora, and NotPetya in notoriety, sophistication, and destructive impact.
Most ransomware penetrations are caused by innocent-looking emails with malicious hyperlinks or attachments, and many are "zero-day" strains that can escape detection by legacy signature-based antivirus tools. While user education and frontline identification are important to protect against ransomware attacks, best practices demand that you expect that some attacks will inevitably succeed and that you prepare a solid backup mechanism that permits you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Preparedness Report is a low-cost service built around an online interview with a Progent security consultant skilled in ransomware protection and recovery. During this interview Progent will work with your Lynnwood network managers to collect critical data about your cybersecurity setup and backup environment. Progent will use this data to create a Basic Security and Best Practices Assessment documenting how to apply leading practices for implementing and managing your security and backup systems to block or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital areas associated with ransomware prevention and restoration recovery. The review covers:
- Effective allocation and use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Optimal firewall setup
- Safe RDP connections
- Guidance for AntiVirus (AV) tools identification and configuration
The online interview process included with the ProSight Ransomware Preparedness Checkup service lasts about an hour for a typical small company and requires more time for larger or more complex IT environments. The written report features recommendations for improving your ability to block or recover from a ransomware attack and Progent offers as-needed consulting services to help you to create an efficient security/data backup solution customized for your business requirements.
- Split permission architecture for backup integrity
- Protecting required servers including Active Directory
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or deletes a victim's files so they cannot be used or are made publicly available. Ransomware often locks the victim's computer. To prevent the damage, the victim is required to pay a certain amount of money, usually via a crypto currency such as Bitcoin, within a brief period of time. There is no guarantee that paying the ransom will recover the damaged data or prevent its exposure to the public. Files can be encrypted or deleted throughout a network based on the victim's write permissions, and you cannot solve the strong encryption technologies used on the hostage files. A common ransomware delivery package is booby-trapped email, whereby the target is tricked into responding to by means of a social engineering exploit known as spear phishing. This causes the email message to appear to come from a trusted sender. Another popular vulnerability is an improperly secured RDP port.
CryptoLocker opened the modern era of crypto-ransomware in 2013, and the damage attributed to by different versions of ransomware is said to be billions of dollars annually, more than doubling every other year. Notorious attacks include WannaCry, and Petya. Recent headline threats like Ryuk, Sodinokibi and Cerber are more complex and have caused more damage than earlier versions. Even if your backup/recovery procedures permit your business to recover your encrypted data, you can still be hurt by exfiltration, where stolen documents are made public (known as "doxxing"). Because additional variants of ransomware are launched daily, there is no guarantee that conventional signature-matching anti-virus filters will detect the latest malware. If threat does show up in an email, it is critical that your users have been taught to identify phishing techniques. Your ultimate protection is a solid process for performing and keeping remote backups plus the deployment of reliable restoration platforms.
Contact Progent About the ProSight Ransomware Vulnerability Assessment in Lynnwood
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Readiness Checkup can bolster your protection against ransomware in Lynnwood, call Progent at 800-462-8800 or see Contact Progent.