Tired of being admonished to take ransomware Attacks security measures over and over again. And yet, it is primarily simple mistakes. Today, system administrators have to monitor a much more branched network than before the corona pandemic with significantly fewer home office spaces. Even if the colleagues now connect to the company with their PCs via the private Internet connection, it remains part of the company network and thus an attractive target for cybercriminals. One of the most dangerous and dramatic types of a network attack is ransomware.
“Even if companies are often convinced that they have taken care of all basic security measures and the constant admonition to these now trigger an escape or deep sleep reflex, the fact remains that ransomware attacks are usually successful when the victims are basic mistakes,”. “Very mundane analogies or donkey bridges can be very helpful against these signs of fatigue.”
Imagine, therefore, that the computer is a house and the ransomware is a gang of burglars. In this role-play, five typical mistakes are shown that endanger the protection of the house:
Ransomware Attacks: When Leaving The House, Close The Door But Leave The Windows Open
This does not bring much security. It is therefore essential to protect system portals. Cybercriminals often sneak in by looking for remote access portals like RDP (Remote Desktop Protocol) and SSH (Secure Shell) that are not adequately secured. Usually, these are only set up temporarily but then forgotten. It is essential to know how to scan and secure your network from the outside. It is necessary to ensure that open services and connections are precisely where they should be and on a security checklist. The crooks will do it for you if you don’t check the network for access holes accidentally left open.
The Key Under The Mat Is A Trick Known To Crooks
It is imperative to have good passwords installed. If you are in a hurry – especially in the many additional remote accesses that have to be set up due to the corona pandemic – you prefer to choose the easy way to get everything working. Often with the excellent intention of checking all safety devices more closely later. But nothing is as durable as makeshifts, and the planned password change is forgotten. But whenever a large password dump occurs due to a data breach, weak passwords are involved. Therefore: companies should start with good passwords, including two-factor authentication, right from the start to increase security wherever possible.
A Security Guard Watches At Night And Writes Minutes That No One Reads
Reading existing system logs should be an everyday activity. Many, and perhaps most, ransomware attacks do not happen immediately or without warning. It usually takes the criminals some time, often days or more, to get an idea of the entire network. This way, they ensure that the attack will produce the desired destructive outcome to obtain the ransom. Logs often contain numerous indications, such as the appearance of “gray hat” hacking tools that one would not expect. New accounts, actions at unusual times, or network connections from outside that do not follow the usual pattern are also tell-tale clues.
The Alarm System Goes Off Too Often And Is Therefore Switched Off
Warnings should also be heeded urgently. If an alarm system goes off all the time, a certain amount of alarm fatigue will undoubtedly set in, which means that the warnings will be clicked without paying much attention. But caution is advised here because important alarm messages can be easily overlooked, for example, if they indicate that potential ransomware attacks have already been blocked. Often, network threats are not just random occurrences. They are proof that cybercriminals are already cautiously snooping around to investigate the alarm systems – always in the hope of carrying out a significant and promising attack.
Repairs Are Necessary, But Now Also Annoying
It is the constant reminder of all security specialists: patch as often and as early as possible! It is negligent to deliberately expose yourself to security gaps that have been known for a long time, perhaps for the sake of convenience. Internet crooks systematically search networks for suitable loopholes. To do this, they also scan externally accessible services that are not patched. This helps the robbers to compile lists of potential victims to attack later automatically. The best option is not to be on such lists.