Security experts recently discovered several new variants of ransomware, including one that worms its way into systems via hacked remote desktop protocols.
Remote desktop protocols, commonly abbreviated as RDP, allow a user to remotely log in to and control a computer. This protocol is common among employees who work from the road or in the field but still need access to a company’s network and files.
The seamlessness of RDP software allows users to feel like they are actually sitting behind a computer manning the controls—which is also what makes this new strain of ransomware so dangerous.
Norsk Hydro, a Norwegian aluminum and energy company that has operations in 50 countries around the globe, recently saw several plants shuttered because of a ransomware attack initiated via RDP. A similar attack led two major chemical companies to scrap all of their existing systems and order hundreds of new computers, causing unnecessary disruptions to day-to-day business and inflicting tens of thousands of dollars in damage.
What can you do to protect your RDP and prevent ransomware infections?
Multiple layers of security are critical to protect computers, systems, and networks from today’s biggest cyber threats. No single piece of software or tool can provide comprehensive protection, which is why CMIT Solutions recommends the following strategies to keep your business safe:
1. Make sure your firewalls block remote desktop protocols that originate from outside your office network.
For users who may have a legitimate need for remote access to important information, only allow RDP that uses a VPN, or virtual private network, connection. This provides a safe and secure method for remote access that’s hidden from the open Internet and works in a way that’s well vetted and well documented.
2. Use strong, unique passwords on all accounts, with different logins for different platforms.
Many remote desktop protocol-initiated ransomware infections start via brute force attacks: automated processes that can crack passwords by trying millions of random combinations. Ensuring that your login credentials are strong, unique, and varied across different platforms is key to minimizing the damage that might come from a compromised password.
3. Deploy strong security monitoring and advanced detection solutions to protect your network.
Security monitoring that operates 24×7 is critical in the war against cyberattacks. Proactive tools that provide real-time analysis of security incidents within a company’s network help to maintain a stable computing environment, while advanced detection capabilities can deliver peace of mind for business owners concerned about the interruption of continuity in case of an attack. In other words, if a data breach happens, strong security monitoring tools can identify the problem while it’s still in progress, immediately act to block it, and work to reduce or prevent any damage that follows.
4. Always back up your data.
Creating regular, redundant, and remote backups of your critical business data is one of the most important security measures you can take for business success. While free solutions may tell you they’re backing up your entire computer, reliable data backups executed on a regular basis by a trusted IT provider are the only surefire method of protecting your business against a ransomware attack. Make sure your IT provider regularly tests all data backup retrieval procedures — if your data is affected by a ransomware attack, you’ll want to be able to restore it as quickly as possible.
5. Implement other security tools that are right-sized for your business and industry.
These can range widely, from anti-malware, anti-virus, and anti-spam software to more specialized network analysis, behavior detection, and proactive monitoring tools. Cybercriminals who successfully infiltrate remote desktop protocols often leave behind specialized hacking instruments that can install future ransomware, encrypt important data on any connected network, and build in future access points for other bad actors. The only way to prevent such issues is with strong, dynamic cybersecurity protection that never rests in the face of changing tactics.
- Don’t open any attachments or click on any links that arrive via email from unknown sources.
- Ensure that all software patches and security updates are properly deployed.
- Assess the need for remote desktop protocol (RDP) before setting it up.
Need help navigating the scary world of ransomware and its terrifying after effects? Call us today. We go above and beyond the call of duty to protect our clients, working day and night to fight off hackers looking for new ways to crack computers and compromise important information.
If you want a trusted local partner backed by a North American staff of 800-plus to keep watch over your technology, contact CMIT Solutions today. We take your data, your devices, and your digital security seriously.