|ATT: Ransomware 'Crysis' and "Brute Force Attacks" on the rise
A sharp rise in the number of "brute force attacks" and instances of a new variant of ransomware called Crysis is combining to cause widespread data and productivity losses to businesses and organisations all over Australia.
A brute force attack is an attempt to gain access to a network by attempting as many username and password combinations against a system until one is found to work. This makes users with simplistic passwords such as ABC123, or Password1 or 123345 very susceptible to being compromised.
Once an account is compromised using a brute force attack, the third party is then able to deploy malware such as 'Crysis' to encrypt data that the compromised account has access to on the network thereby denying legitimate users from being able to access their files and software. Holding the organisation ransom to unlock their data or forcing them to restore from their backup system.
The Crysis ransomware has quickly become the scourge of cyber security experts everywhere. The way in which it can quickly destroy network data makes it a frightening threat. It's only a threat however if an account is compromised, or if a user is duped into downloading it from the internet and executing it.
Our recommendation to protect our clients against brute force attacks from compromising user accounts on their network is to implement a minimum password complexity policy and to lockout users for a short period of time after a number of consecutive unsuccessful login attempts. Wherever a ransomware attack has been successfully initiated, the only safeguard is a robust disaster recovery plan that includes on premises backup sets that are replicated offsite, for example to the cloud.
As always, if you have any questions feel free to send an email to firstname.lastname@example.org or give us a call. We'd be happy to hear from you.
Until next time,
Tech Alert - Ransomeware and Brute Force Attacks on the Rise
Posted by: Reliance Technology