Business owners are at risk from hackers who are targeting small to medium sized businesses by accessing their servers remotely.
The most recent attack was against companies who had Automate on-premise applications installed by their IT support companies
This was recently announced by Connectwise
We want to inform you there are recent reports of malicious actors targeting open ports for ConnectWise Automate on-premises application to introduce ransomware. Please ensure that your ports are not left open to the internet based on our best practices
Hackers have also been targeting business routers
- Understand that every open port is a potential point of entry for ransomware. Non-essential open ports should be eliminated. Rather than using point-forwarding, use VPNs to access remote sources.
- The ports that do stay open should be properly secured.
Some of the many steps you or your IT administrators should take are:
- Backing up your data on different systems or clouded offsite backups so that the data can be restored after an attack. Daily backups should be run, even multiple times during the day. You should also test your backup regularly.
- Education. Employees should be trained to know when they can and cannot open attachments, download files, and browse the web.
- Restricting access. The more people who have access to a system, the more likely it is they may do something wrong that introduces the ransomware software. Some ransomware cannot function in system administrator mode so key operations should only be executable by the system administrator.
- Anti-virus and anti-malware software should be installed and regularly updated. Good malware software should scan attachments and URLs and notify the user of the danger of opening the attachment or website link.
- Policies should be in place that restrict which types of attachments can be sent and opened. EXE (executable) files are especially suspect.
- Local administrative rights should be removed.
- Permissions should be reset so that only IT administrators can manage dangerous files and only key personnel can write or update information.
If you are not sure if your network is secure then you can contact Impress Computers for a Free Network Assessment