From the website “Bleeping Computer” a report comes in that less ransomware is being developed. That sounds like a good trend, but unfortunately ransomware is not dead yet. Recommendations are to secure remote desktop services (or Terminal Services) which allow your users to access company resources remotely. So this is how it works:
- Hacker finds remote server running on your network and uses tools to try to find any username and password to get in.
- After a period of time, they eventually stumble on someone’s password.
- They get in to the network and then use other tools to make themselves an Administrator.
- They delete your backups and release the ransomware forcing you to pay.
So this begs the question… if this happens to us, should we pay the ransom? Some say “YES” and some say “NO”! We believe that paying the ransom continues to encourage this activity. Additionally, there’s no guarantee that you will get your data back anyway. Let’s try to secure your remote access now, so we can try to avoid this situation if at all possible, okay?