6 Indicators You’re at Risk for Ransomware

Research reveals that there are 6 Indicators you’re at risk for ransomware.  These items if not properly addressed will exponentially increase your risk of an attack.  Here are the top 6 items you should look out for:

No Centrally managed Anti-virus & Patching

Patching and Anti-Virus have been around since the dark ages of computing, but they are still very relevant and the foundation of a good security plan. A centrally managed solution is a huge help to making sure AV is on all computers and up-to-date, as well as making sure patching is happening

No End User Awareness Training

No matter how good your security is, it can always be circumvented by a user clicking on something they shouldn’t, or the bad guys getting a hold of their password.  We’ve found that an educated workforce is an important part of having a solid security profile. Organizations that implemented ongoing security awareness training experience a 75% reduction in end user clicking on phishing threats (knowbe4.com)

No Behavior Based Threat Protection

Even the most IT savvy person isn’t perfect, and can click on a malicious link from time to time.  To help with human fallibility, many firewall and SPAM filters have a secret weapon – behavior-based threat protection.  This will run an Internet download or Email attachment in a sandbox and see if it starts to act funny – you know, like start encrypting files.  If it detects suspicious behavior, it will block network access, and the users get an alert.  If you haven’t implemented behavior-based protection in your network, you are at increased risk of getting ransomware.

No Password Policy

The number one entry point for compromised businesses was though unauthorized access (https://www.forgerock.com/resources/view/92170441/industry-brief/us-consumer-data-breach-report.pdf).  We can prevent more attacks if better password policies are enforced.  To implement password best practices, visit https://itnow.net/guide-to-strong-passwords-in-2019/

Open RDP Ports

The most common entry point for attackers in 2019 was through unauthorized access.  The way in which they were able to get access to the network for these attacks was through an open public RDP port. A strong password policy coupled with closing out the main mode of access, open public RDP, really helps to minimize your exposure. If you have a publicly open RDP port please secure it, or close it, now!

No Review of User Access

Many times when consulting with businesses on security we do an audit on their server.  Frequently we find that there are numerous user accounts in existence for terminated users that left the organization months or years before.  This is a problem because these accounts can be exploited by the bad guys and use it to deploy ransomware.  It is such an easy thing to review and resolve; however, many companies don’t take the time to do it.  It’s not something that needs to be done daily, but to maintain good cyber hygiene you should check at least a few times each year.

Conclusion

Keeping our clients safe is a top priority for us here at i.t.NOW.  We know how to protect our clients from ransomware.  We would love to put that knowledge to work protecting your business.  If you have concerns with ransomware or other security, problems call us today!  We have experts ready to help.

Guest Post by Morgan Frame – Morgan has been working in Managed IT Services for the past 12+ years.  He is a veteran of the industry, and works at i.t.NOW helping business owners offload the burden of IT.  He loves to assist them in finding rock solid cost effective solutions to their IT problems.  When he is not working, he enjoys spending time with his wife and two daughters.  He also loves hiking, and is working on bagging every peak he can find.  If you are looking for him, you should start on a trail on the side of a mountain.