Ransomware has been widely adopted by cybercriminals and malicious states, posing a potentially lethal threat to companies that are breached. The latest strains of ransomware target everything, including online backup, making even selective recovery a complex and costly exercise. Novel variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Nephilim have made the headlines, displacing Locky, Spora, and Petya in notoriety, sophistication, and destructive impact.
Most ransomware infections come from innocent-seeming emails that have malicious links or file attachments, and a high percentage are "zero-day" attacks that elude the defenses of traditional signature-based antivirus (AV) tools. Although user training and frontline detection are critical to protect your network against ransomware attacks, best practices dictate that you assume some malware will inevitably get through and that you prepare a solid backup mechanism that permits you to repair the damage quickly with little if any damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online discussion with a Progent cybersecurity expert skilled in ransomware protection and repair. During this assessment Progent will cooperate with your Toledo network management staff to collect pertinent information concerning your cybersecurity configuration and backup environment. Progent will utilize this data to produce a Basic Security and Best Practices Report documenting how to adhere to leading practices for configuring and administering your security and backup systems to prevent or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report focuses on key areas associated with ransomware defense and restoration recovery. The review covers:
- Proper allocation and use of admin accounts
- Correct NTFS and SMB authorizations
- Optimal firewall setup
- Safe RDP configuration
- Recommend AntiVirus tools selection and deployment
The remote interview process included with the ProSight Ransomware Vulnerability Assessment service takes about an hour for the average small company and requires more time for bigger or more complicated IT environments. The written report includes suggestions for improving your ability to block or recover from a ransomware incident and Progent can provide as-needed expertise to help you and your IT staff to design and deploy an efficient security/backup system customized for your business requirements.
- Split permission model for backup integrity
- Protecting critical servers including AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or steals files so they are unusable or are made publicly available. Crypto-ransomware often locks the target's computer. To prevent the carnage, the target is required to pay a specified amount of money, usually in the form of a crypto currency such as Bitcoin, within a brief time window. There is no guarantee that paying the extortion price will recover the lost files or prevent its exposure to the public. Files can be encrypted or erased across a network based on the victim's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the compromised files. A common ransomware attack vector is tainted email, whereby the victim is lured into responding to by means of a social engineering technique known as spear phishing. This causes the email message to appear to come from a familiar source. Another common attack vector is an improperly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the modern era of ransomware in 2013, and the damage attributed to by different strains of ransomware is estimated at billions of dollars per year, more than doubling every other year. Notorious examples are Locky, and Petya. Recent headline variants like Ryuk, Maze and Spora are more sophisticated and have wreaked more damage than older strains. Even if your backup/recovery processes allow your business to recover your encrypted files, you can still be threatened by exfiltration, where stolen data are made public. Because new versions of ransomware crop up daily, there is no certainty that conventional signature-matching anti-virus tools will block the latest attack. If threat does show up in an email, it is critical that your end users have learned to be aware of phishing tricks. Your ultimate protection is a sound scheme for performing and retaining offsite backups plus the use of reliable recovery tools.
Ask Progent About the ProSight Ransomware Preparedness Evaluation in Toledo
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Susceptibility Consultation can bolster your defense against crypto-ransomware in Toledo, phone Progent at 800-462-8800 or see Contact Progent.