Covid-19 and Ransomware
An alarming consequence of the Covid-19 crisis is an increase in ransomware attacks. Ransomware is a type of malicious software that blocks access to your computer system until you pay the hacker a sum of money. Recently, we’ve seen instances of ransomware attacks resulting from RDP (remote desktop protocol) connections. And of course, those RDPs have been opened to allow remote work because of Covid-19.
But here’s the thing. These RDP connections, unless done right, are unsecure and very dangerous. Attackers are constantly scanning networks looking for these connections because they are an easy way in. When that happens, it can be devastating. For instance, we’ve seen one situation where a company had at least four separate and unrelated ransomware infections at the same time. Another had its entire network locked down, including all backups. This is a particular concern for small and mid-sized entities who may not have sophisticated security measures in place.
So what to do? Ask yourself these questions:
- Did you open any RDP connections for remote work and are you certain they were properly secured (such as routed through a secure VPN, or virtual private network)?
- Do you have multi-factor authentication in place? Or commercial-grade firewalls and malware monitoring/removal?
- Have you had any suspicious network/workstation activity or issues?
- Are your backups current and segregated from the rest of your network?
If you are unsure about the answers to any of these questions, or if you’ve had any issues, contact your managed services provider for technical help right away. If you need a referral, contact us for assistance with available resources or if you have questions.