broken image
broken image
broken image
  • Home
  • News
  • AP Lens 
    • Sandbox Browser
  • AHO eLearn 
    • AHO eLearn
    • AHO video
  • Blog
  • About Us 
    • About Us
    • Career
    • Terms of Service
  • …  
    • Home
    • News
    • AP Lens 
      • Sandbox Browser
    • AHO eLearn 
      • AHO eLearn
      • AHO video
    • Blog
    • About Us 
      • About Us
      • Career
      • Terms of Service
    broken image
    broken image
    broken image
    • Home
    • News
    • AP Lens 
      • Sandbox Browser
    • AHO eLearn 
      • AHO eLearn
      • AHO video
    • Blog
    • About Us 
      • About Us
      • Career
      • Terms of Service
    • …  
      • Home
      • News
      • AP Lens 
        • Sandbox Browser
      • AHO eLearn 
        • AHO eLearn
        • AHO video
      • Blog
      • About Us 
        • About Us
        • Career
        • Terms of Service
      broken image

      3 technologies most vulnerable to Ransomware attack

      SMEs are easy targets if they use them without proper controls

      · Ransomware,RDP,PrintNightmare

      Needless to say ransomware and cyber attacks are increasing. One reason is that cyber criminals created infrastructure and process ready to launch when they find an easy target. It is called Ransomware as a Service (RaaS) which ransomware developers sell or lease their ransomware variants to buyers who then use them to perform an attack. Ransomware attacks became available to unskilled, malicious persons like ex-employees or competitors. 

      Most commonly found and widely used ransomwares share some basic charateristics. They all target remote access control protocols and also technologies that are widely used by SMEs. As RaaS has to be effective and covers large potential victims, less popular technologies are not worth RaaS developers to build their business on. SMEs are limited in IT resources and should pay attention to the high risk issues. Here are three technologies that most vulnerable to ransomware attacks. 

      1. Remote Control and Remote Desktop 

      Most companies use remote desktop software to allow IT support personnel fixing system errors without physically travelling to the users' desk. However, remote control software like VNC or RDP is an easy target since the computer running these software usually is connected to Internet and can be found easily by scanning the network. Usually these remote control software use standard and well known TCP port (like port 3389) and can be easily identified by hackers. 

      Berkeley University Information Security Office wrote an excellent article on how to reduce risks when using RDP.  Some steps are basic and everyone shall follow their suggestions. 

      2. Network Printer Services 

      Printers are usually shared in an office. The shared printer opens its network for each PC to connect, this can be convienent but at the same time can become a hotbed for computer virus. Printing spooler software in Microsoft Windows recently found to be vulnerable to remote attacks and US Govt Cybersecurity and Infrastructure Security Agency (CISA) released an emergency alert on 1st July to disable the Windows Print spooler service in Windows Server.

       

      3. Network Attached Storage 

      Many SMEs are using network storage storage (NAS) products like QNAS or Synology. The NAS is like a large file server that can store daily files as well as backup files. NAS are not safe to connect to Internet directly, it is recommended to protect NAS system with a secure firewall. However, most SME office network do not have secure firewall for NAS. The lack of network control on NAS is the main cause of many ransomware attacks. 

      If your office is using these technologies, the risk of ransomware attack is higher than other companies. The risk is even higher if no action is taken. 

      Controlling the network access is the most effective way to stop cybercriminals from exploiting these technologies. By limiting what type of data can reach your computers, you have less worry about opportunistic hackers! You and your company don't want to be the low hanging fruit when cybercriminals are searching the Internet.

      Network isolation is the most effective method as you significantly reduce attack opportunities. 

       

      broken image

      Copyright (C) Hoplite Technology Ltd. 

      Privacy Statement https://www.hoplite-tech.com?open=privacy-policy

       

       

      Subscribe
      Previous
      How VIP email addresses are weaponized?There are 3 ways...
      Next
      What Security Training Is Required For GDPR Compliance?
       Return to site
      Cancel