At Some Point, You Deserve What You Get

“It can’t happen to me” is the stupidest statement you can make when it comes to computer security. See: Swiss Govt Says Ransomware Victims Ignored Warnings, Had Poor Security.

If you’re going to ignore warnings, from software and from people who support your business, and you’re going to ignore the recommendations from people who know what they are talking about, how exactly do you expect to avoid becoming a victim of hackers?

While analyzing the recently reported ransomware incidents, the Swiss cybersecurity body identified a number of weaknesses that allowed attackers to successfully breach the companies’ defenses (all of them can be mitigated by MELANI’s recommendations):

• Virus protection and warning messages: Companies either did not notice or did not take seriously the warning messages from antivirus software that malware had been found on servers (e.g. domain controllers).
• Remote access protection: Remote connections to systems, so-called Remote Desktop Protocols (RDP), were often protected with a weak password and the input was only set to the default (standard port 3389) and without restrictions (e.g. VPN or IP filter).
• Notifications from authorities: Notifications from authorities or from internet service providers (ISPs) about potential infections were ignored or not taken seriously by the affected companies.
• Offline backups and updates: Many companies only had online backups which were not available offline. In the event of an infestation with ransomware, these backups were also encrypted or permanently deleted.

There are more things that have been suggested and ignored.

Either turn off or secure RDP. Update your operating systems and other software. Pay attention to warning messages (both from software and from people). Otherwise you too can find out what it’s like to be the victim of ransomware.
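
To check a Windows host for the RDP weaknesses in the list above (default port 3389, no source restriction), here is a read-only PowerShell audit. It is an added example, not part of the original post or of MELANI's report; it also reports Network Level Authentication, which the post does not mention. It assumes an elevated session on the host, Windows Firewall as the filter in use, and that RDP is not being forced on by Group Policy (which stores its settings under a separate Policies key).

```powershell
# Added example: read-only audit of local RDP exposure. Changes nothing.
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = Join-Path $ts 'WinStations\RDP-Tcp'

# fDenyTSConnections = 0 means RDP is accepting connections.
$enabled = (Get-ItemProperty -Path $ts  -Name fDenyTSConnections).fDenyTSConnections -eq 0
$port    = (Get-ItemProperty -Path $tcp -Name PortNumber).PortNumber
# UserAuthentication = 1 means Network Level Authentication is required.
$nla     = (Get-ItemProperty -Path $tcp -Name UserAuthentication).UserAuthentication -eq 1

# Enabled inbound allow rules whose TCP port filter covers the RDP port.
# Note: port ranges such as "3380-3390" are not expanded here; review those by hand.
$rules = Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -contains "$port" -or $_.LocalPort -eq 'Any' } |
    Get-NetFirewallRule |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
    ForEach-Object {
        $remote = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = $remote -join ','
            # 'Any' means no IP filter: every source that can route here can reach RDP.
            Unrestricted  = ($remote -contains 'Any')
        }
    }

[pscustomobject]@{
    RdpEnabled        = $enabled
    Port              = $port
    DefaultPort       = ($port -eq 3389)
    NlaRequired       = $nla
    UnrestrictedRules = @($rules | Where-Object Unrestricted).Count
}

# Per-rule detail, so each unrestricted rule can be scoped to a VPN or admin subnet.
$rules | Format-Table -AutoSize
```

A host that shows `RdpEnabled = True` with any unrestricted rule matches the exposure described in the report; the per-rule table shows which rules need a `RemoteAddress` restriction or should be disabled.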

