Ransomware has become the weapon of choice for the major cyber-crime organizations and malicious governments, posing a possibly existential threat to businesses that are victimized. The latest variations of ransomware target all vulnerable resources, including online backup, making even selective restoration a long and costly process. New versions of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Egregor have made the headlines, replacing WannaCry, Spora, and CryptoWall in prominence, elaborateness, and destructive impact.
90% of ransomware infections come from innocuous-looking emails with dangerous links or attachments, and many are so-called "zero-day" variants that elude the defenses of traditional signature-matching antivirus tools. While user education and up-front identification are important to protect against ransomware attacks, best practices demand that you expect that some attacks will eventually succeed and that you deploy a solid backup mechanism that permits you to repair the damage rapidly with minimal damage.
Progent's ProSight Ransomware Preparedness Checkup is a low-cost service built around a remote discussion with a Progent cybersecurity consultant skilled in ransomware protection and recovery. During this interview Progent will work with your São Paulo network management staff to gather critical information about your cybersecurity posture and backup environment. Progent will utilize this information to create a Basic Security and Best Practices Report detailing how to follow leading practices for configuring and managing your security and backup systems to block or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights vital areas related to crypto-ransomware prevention and restoration recovery. The review addresses:
- Effective allocation and use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Optimal firewall configuration
- Secure Remote Desktop Protocol (RDP) access
- Recommend AntiVirus (AV) tools identification and configuration
The online interview for the ProSight Ransomware Vulnerability Checkup service lasts about one hour for a typical small business network and longer for bigger or more complex environments. The report document includes recommendations for improving your ability to ward off or recover from a ransomware attack and Progent can provide on-demand expertise to assist you to create an efficient cybersecurity/backup solution tailored to your business needs.
- Split permission model for backup integrity
- Backing up critical servers such as Active Directory
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or deletes files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the victim's computer. To prevent the carnage, the target is required to pay a certain ransom, typically via a crypto currency such as Bitcoin, within a short period of time. There is no guarantee that paying the ransom will restore the lost data or avoid its publication. Files can be altered or erased throughout a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the compromised files. A typical ransomware attack vector is booby-trapped email, whereby the victim is lured into responding to by means of a social engineering technique called spear phishing. This causes the email to look as though it came from a trusted sender. Another popular vulnerability is a poorly protected Remote Desktop Protocol port.
CryptoLocker opened the modern era of crypto-ransomware in 2013, and the monetary losses caused by different versions of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Notorious attacks are Locky, and NotPetya. Current high-profile threats like Ryuk, Sodinokibi and Cerber are more sophisticated and have caused more damage than earlier strains. Even if your backup processes allow you to recover your ransomed data, you can still be threatened by exfiltration, where stolen documents are exposed to the public (known as "doxxing"). Because new variants of ransomware crop up every day, there is no guarantee that traditional signature-based anti-virus tools will detect a new malware. If threat does show up in an email, it is important that your end users have learned to be aware of phishing tricks. Your ultimate protection is a sound scheme for scheduling and keeping remote backups plus the deployment of reliable recovery platforms.
Contact Progent About the ProSight Ransomware Preparedness Review in São Paulo
For pricing information and to learn more about how Progent's ProSight Ransomware Susceptibility Report can bolster your defense against crypto-ransomware in São Paulo, phone Progent at 800-462-8800 or visit Contact Progent.