Ransomware has been widely adopted by cyber extortionists and malicious governments, representing a possibly existential threat to businesses that are victimized. Current variations of crypto-ransomware go after all vulnerable resources, including backup, making even partial recovery a complex and costly exercise. Novel versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Nephilim have emerged, replacing WannaCry, Cerber, and CryptoWall in notoriety, sophistication, and destructive impact.
90% of crypto-ransomware infections are caused by innocuous-looking emails that have dangerous links or file attachments, and a high percentage are so-called "zero-day" strains that can escape the defenses of traditional signature-based antivirus tools. While user training and frontline identification are important to protect your network against ransomware, best practices demand that you expect that some attacks will eventually get through and that you deploy a strong backup mechanism that permits you to restore files and services rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service centered around a remote discussion with a Progent security expert skilled in ransomware defense and repair. In the course of this assessment Progent will work directly with your Lima network management staff to gather critical information about your security profile and backup processes. Progent will utilize this data to generate a Basic Security and Best Practices Assessment documenting how to adhere to leading practices for implementing and managing your security and backup solution to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights vital issues associated with ransomware defense and restoration recovery. The review covers:
- Correct allocation and use of administration accounts
- Correct NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Optimal firewall settings
- Safe Remote Desktop Protocol (RDP) configuration
- Advice about AntiVirus filtering selection and deployment
The remote interview process for the ProSight Ransomware Preparedness Assessment service lasts about an hour for a typical small company and requires more time for bigger or more complex environments. The written report contains suggestions for enhancing your ability to ward off or clean up after a ransomware incident and Progent offers on-demand expertise to assist your business to design and deploy an efficient security/data backup system tailored to your specific requirements.
- Split permission architecture for backup integrity
- Protecting critical servers such as Active Directory
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes files so they are unusable or are publicized. Ransomware often locks the victim's computer. To prevent the carnage, the target is required to send a certain ransom, usually in the form of a crypto currency such as Bitcoin, within a brief period of time. It is never certain that delivering the ransom will restore the lost files or prevent its publication. Files can be encrypted or deleted across a network depending on the victim's write permissions, and you cannot solve the military-grade encryption algorithms used on the compromised files. A common ransomware delivery package is spoofed email, whereby the target is lured into interacting with by means of a social engineering technique called spear phishing. This causes the email message to appear to come from a familiar sender. Another common vulnerability is a poorly secured RDP port.
CryptoLocker opened the modern era of ransomware in 2013, and the damage attributed to by different strains of ransomware is said to be billions of dollars annually, more than doubling every other year. Notorious attacks include WannaCry, and NotPetya. Recent high-profile threats like Ryuk, DoppelPaymer and TeslaCrypt are more sophisticated and have caused more havoc than older strains. Even if your backup/recovery processes enable your business to restore your encrypted files, you can still be hurt by exfiltration, where ransomed documents are exposed to the public. Because new versions of ransomware crop up every day, there is no guarantee that traditional signature-based anti-virus tools will block a new malware. If an attack does appear in an email, it is critical that your users have learned to be aware of social engineering techniques. Your last line of defense is a sound process for scheduling and retaining remote backups plus the deployment of reliable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Audit in Lima
For pricing details and to learn more about how Progent's ProSight Ransomware Readiness Review can enhance your protection against ransomware in Lima, call Progent at 800-993-9400 or see Contact Progent.