Ransomware has become the weapon of choice for the major cyber-crime organizations and rogue governments, representing a potentially lethal threat to companies that are victimized. Current strains of ransomware go after all vulnerable resources, including backup, making even selective restoration a complex and costly exercise. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Nephilim have emerged, displacing WannaCry, Cerber, and Petya in notoriety, sophistication, and destructiveness.
Most ransomware penetrations come from innocent-looking emails with dangerous links or file attachments, and many are "zero-day" variants that can escape detection by legacy signature-based antivirus filters. While user education and frontline identification are important to protect your network against ransomware, best practices dictate that you assume some attacks will inevitably succeed and that you implement a strong backup mechanism that allows you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Assessment is a low-cost service built around a remote interview with a Progent cybersecurity expert skilled in ransomware defense and recovery. In the course of this assessment Progent will cooperate with your São Paulo network management staff to gather critical data concerning your security posture and backup processes. Progent will utilize this data to generate a Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems to block or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key issues associated with ransomware prevention and restoration recovery. The report addresses:
Security
About Ransomware
Ransomware is a form of malicious software that encrypts or steals a victim's files so they cannot be used or are made publicly available. Crypto-ransomware often locks the victim's computer. To prevent the carnage, the target is asked to send a specified amount of money (the ransom), usually via a crypto currency such as Bitcoin, within a brief period of time. It is never certain that paying the extortion price will recover the damaged files or prevent its publication. Files can be altered or erased across a network depending on the target's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A common ransomware delivery package is booby-trapped email, in which the victim is lured into responding to by a social engineering technique known as spear phishing. This makes the email to look as though it came from a trusted sender. Another popular attack vector is a poorly protected Remote Desktop Protocol port.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by different strains of ransomware is said to be billions of dollars annually, more than doubling every two years. Famous examples include WannaCry, and NotPetya. Current headline variants like Ryuk, Sodinokibi and TeslaCrypt are more elaborate and have caused more damage than earlier versions. Even if your backup/recovery procedures permit your business to recover your ransomed data, you can still be hurt by exfiltration, where ransomed data are made public (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anti-virus tools will detect the latest malware. If threat does show up in an email, it is critical that your end users have been taught to identify phishing tricks. Your ultimate defense is a sound process for performing and keeping offsite backups and the deployment of reliable recovery tools.
Contact Progent About the ProSight Ransomware Readiness Report in São Paulo
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Review can enhance your defense against crypto-ransomware in São Paulo, phone Progent at