RANSOMWARE AND CRYPTO-VIRUSES II

Our last blog discussed crypto-wall ransomware and what can
be done about it. Since then we have seen several companies that have been
impacted by a new variant of crypto-wall that has more potential to get into
environments than previous versions. Crypto-wall is on the rise and it is
imperative that your company takes the proper precautions to protect your data.

Crypto-wall can be installed internally by users clicking an infected email attachment or website link. There is a new method in which an automated process designed by hackers attempts to use remote desktop services on all ports. Remote access through redirected ports and port forwarding no longer stops the hackers. Automatic processes attempt to use common user names and passwords to get into accounts through remote desktop services and then automatically install crypto-wall on any of the devices it can access.

 WHAT YOU CAN DO ABOUT IT

  • Require VPN access for all remote access to the network
  • Require third party SSL certificate-based VPN access for all remote access to the network
  • Require a password policy that uses strong passwords
  • Require user accounts to lock out
    • If an account locks out regularly and users have remote access through port forwarding or redirected ports it is likely that there is an attempt to crack into that account and install crypto-wall
  • Install antivirus and antimalware on all devices
  • Keep antivirus and antimalware up to date
  • Change the password on service accounts frequently
  • Remove administrator rights from user accounts
  • Only administrator account shave administrator rights
  • Router based network Antivirus and Intrusion Protection Systems
  • Create strong WiFi Passwords

WHAT PALMER TECHNOLOGY OFFERS

Palmer Technology offers managed
security with highly secure business-class routers that off SSL VPN remote
access to the network. The routers have built-in Network Antivirus and
Intrusion Prevention Systems. We also offer managed antivirus and anti-malware
services

Managed Services

RELATED ARTICLES

https://techbeacon.com/security/ransomware-rise-evolution-cyberattack

https://www.bleepingcomputer.com/news/security/cryptowall-4-0-released-with-new-features-such-as-encrypted-file-names/