I was recently made aware of a situation a colleague (in Toowoomba) faced where he was helping out a smaller IT company with a problem where it appears as if Russian hackers had compromised a server, encrypted all the data (so none of it could be accessed) and then held the server owner to ransom for $4000.00, increasing by $1000.00 per day if not paid after the deadline. The end result was to try and restore their data and get the server back up and running (which was able to be done but cost a considerable amount of money).
Sounds like quite a good hoax, doesn’t it? Well unfortunately it isn’t. I thought that it was a one of type of attack but unfortunately, this is the third instance I have heard of this happening in just over a week. Please refer to the following link for more information:
http://www.abc.net.au/news/2012-12-10/hackers-target-gold-coast-medical-centre/4418676
Some of the things that we can do to prevent this from happening is as follows:
1. Increase security on your network by introducing complex passwords (I know that it may be inconvenient as a simple password is easier to remember but is also less secure)
2. Deny access to the server using the conventional “port” required for direct remote access.
3. Look at installing a UTM (Unified Threat Management) Gateway onto your network. This is a device that intercepts all incoming (and outgoing) traffic and will monitor it for hacking attempts, port scanning, vulnerability scanning and malicious code injection into your network
a. I have a client here in Currumbin where there were continuous attempts to hack into their network (the server log showed countless attempts to log onto the server using different names and passwords. There were also countless port scanning attempts (this is where an external party runs software against your ADSL modem looking for open ports they can then try to compromise). We recently introduced a UTM Gateway into their network with a number of security features turned on and within hours, the attempts to hack their network stopped and haven’t been attempted again (logs on the UTM show this).
4. Robust and up to date network protection suite (antivirus, etc.).
5. Constant monitoring of your server logs for such attempts as this.
For example, a UTM Gateway for a network your size with a 12 month subscription to all protection and installation / setting up is only an investment of: $1500.00 (inc GST) plus labour (a small investment really, when compared to the stress and expense if you were compromised).
Even if you don’t have a server, network security is of utmost importance.
Please feel free to contact me if you have any concerns or questions. Also feel free to forward this email on to anyone else you may think is in a situation where they could be putting their data and business at risk.
Rob Novotny
Summit InfoTech Pty Ltd
0409 020 511
www.summitinfotech.com.au
No comments yet.