Ransomware Is A Growing IT Security Threat In 2017

February 21st, 2017 News
Ransomware Is A Growing IT Security Threat In 2017

One of our services in providing managed IT is the protection of your network and workstations from cyber attacks such as ransomware.

In the past year, ransomware has run rampant as a threat to IT security worldwide, without any signs of slowing down. Instances of ransomware attacks have more than doubled last month, compared to the number of attacks observed in 2016.

If your business holds any critical data on its servers, about your clients or confidential business information, you need to be aware of the threats pertaining to ransomware and how to best protect yourself.

How Does Ransomware Work?

Recent ransomware attacks follow a similar trend:

The attacker “brute forces” your workstation’s open Remote Desktop Port (RDP). Once they have access, the attacker will install different versions of ransomware to workstations throughout your entire enterprise network. Some cases cite six versions of ransomware being installed to workstations in a network, within ten minutes of a successful attack.

The attacker will keep your data hostage unless you pay the attacker a certain ransom. Part of the reason why ransomware is so rampant, is because it is a very lucrative form of cyber-attack.

It is worthwhile to note that some ransomware attacks can infect connected devices (such as your printer) with trojans, so even if you decide to pay the ransom, the attacker may be able to infect your network at a later date if they so wish.

Once your network is infected by ransomware, you are placed in a very difficult situation with few viable options.

Who Is Most At Risk For Ransomware Attacks?

Recent ransomware attackers have been active in targeting health care organizations. Lucrative targets for ransomware attacks include accounting, tax and point-of-sale (POS) software providers.

Any business with servers that hold personal information or data critical to business continuity, is fair game and a potential target for an attacker.

If your business holds any sensitive data – make sure you take the proper steps to protect yourself.

How To Protect Yourself From Ransomware

We’ve discussed the topic of how to deal with ransomware in the past. You can deter attackers with stronger login credentials, but this only works to a certain extent.

Unfortunately, brute-forcing is a fairly strong method of bypassing security for any account with weak credentials. It is done by repeatedly trying to connect through the RDP port with different username and password combinations.

The attacker will target your workstation using the following criteria:

  1. The attacker identifies that your RDP port is available online
  2. The attacker notes that your workstation is connected to an enterprise network

It naturally follows that a workstation without an open RDP port, or one that is not connected to an enterprise network, is a less likely target.

For many organizations, workstations will require an open RDP and require a connection to the larger enterprise network. They cannot help being a lucrative target for ransomware attacks.

In these scenarios – having proper backups in place would be your best option.

It is advisable to have regular back-ups in three different media formats, and at least one backup stored off-site. As part of our managed IT service, we provide regular backups to ensure that your data is properly secured. We also set up a firewall to your network, helping you mitigate RDP attacks by implementing secure VPN tunnels.

Whether your business has 20 workstations, 30 workstations or more, we advise you not to take any risks when it comes to your data. Our managed IT service keeps your data safe, especially if your staff require remote access.

For more information about protecting yourself from ransomware, or our managed IT services, you can contact our IT support company in Vancouver. Relax! Let us handle IT.