Ransomware has been weaponized by cybercriminals and malicious states, representing a possibly existential risk to businesses that fall victim. Current strains of crypto-ransomware go after all vulnerable resources, including backup, making even selective recovery a challenging and expensive exercise. New versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have emerged, replacing Locky, TeslaCrypt, and Petya in prominence, sophistication, and destructiveness.
90% of ransomware infections are caused by innocent-looking emails that include dangerous links or file attachments, and a high percentage are so-called "zero-day" strains that elude detection by traditional signature-based antivirus filters. Although user education and frontline identification are important to protect against ransomware attacks, leading practices dictate that you expect that some malware will eventually succeed and that you implement a solid backup mechanism that permits you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service built around an online discussion with a Progent cybersecurity consultant skilled in ransomware defense and repair. During this interview Progent will work directly with your Ottawa network management staff to gather critical data about your security setup and backup processes. Progent will use this data to generate a Basic Security and Best Practices Assessment documenting how to adhere to best practices for implementing and managing your security and backup solution to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on key areas related to ransomware prevention and restoration recovery. The report covers:
- Effective allocation and use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Proper firewall configuration
- Safe Remote Desktop Protocol connections
- Recommend AntiVirus filtering selection and configuration
The remote interview included with the ProSight Ransomware Vulnerability Assessment service lasts about an hour for the average small business and longer for larger or more complex environments. The report document includes recommendations for improving your ability to ward off or clean up after a ransomware incident and Progent can provide on-demand consulting services to help your business to design and deploy an efficient cybersecurity/backup system tailored to your business requirements.
- Split permission model for backup protection
- Protecting critical servers such as Active Directory
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a type of malware that encrypts or steals a victim's files so they cannot be used or are made publicly available. Ransomware sometimes locks the victim's computer. To prevent the carnage, the victim is required to pay a specified amount of money (the ransom), usually via a crypto currency such as Bitcoin, within a short period of time. It is never certain that paying the ransom will recover the lost files or avoid its exposure to the public. Files can be altered or deleted across a network based on the victim's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the hostage files. A common ransomware attack vector is tainted email, whereby the user is tricked into responding to by a social engineering technique called spear phishing. This makes the email message to appear to come from a trusted source. Another popular vulnerability is an improperly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the damage caused by different versions of ransomware is estimated at billions of dollars per year, roughly doubling every other year. Famous examples are WannaCry, and NotPetya. Current headline variants like Ryuk, DoppelPaymer and TeslaCrypt are more elaborate and have wreaked more havoc than earlier strains. Even if your backup procedures allow your business to recover your ransomed files, you can still be hurt by so-called exfiltration, where ransomed data are exposed to the public (known as "doxxing"). Because new versions of ransomware crop up daily, there is no guarantee that traditional signature-based anti-virus filters will detect the latest malware. If an attack does show up in an email, it is important that your end users have learned to be aware of phishing techniques. Your last line of protection is a solid scheme for performing and retaining remote backups and the deployment of dependable restoration platforms.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Review in Ottawa
For pricing details and to learn more about how Progent's ProSight Ransomware Susceptibility Testing can enhance your protection against crypto-ransomware in Ottawa, phone Progent at 800-462-8800 or see Contact Progent.