FBI Issues ‘High-Impact’ Ransomware Attack Warning—What You Need To Know

FBI-logo-webThe FBI has issued a new warning that healthcare organizations, industrial companies, and the transportation sector are being targeted with ransomware. The attack methodologies continue to evolve, with cyber-criminals doing all they can to avoid detection. The FBI highlights three current attack techniques: phishing campaigns, Remote Desktop Protocol (RDP) vulnerabilities and exploits of software vulnerabilities.

Mitigation includes ensuring operating systems, software and device firmware are all updated with the latest security patches. Data should also be backed up regularly, and the integrity of these backups verified. The FBI adds that, regardless of whether a ransom has been paid or not, victims should always report ransomware attacks to law enforcement to provide the kind of critical information required to hold attackers accountable under the law.

Javvad Malik, security awareness advocate at KnowBe4, said "companies of all sizes across all verticals need to be prepared for ransomware and have in place not only technical controls to prevent, detect, and respond to it, but also raise security awareness among staff so that any attempts to install ransomware via phishing or other social engineering attacks can be thwarted."

Five Things You Can Do About This Right Away:

  1. When is the last time you tested the restore function of your backups? You want to do that ASAP, and make sure you have weapons-grade backups at all times.
  2. Scan your network to identify any open RDP ports and ideally disable RDP completely on all Windows machines if possible. By default, the server listens on TCP port 3389 and UDP port 3389.
  3. Best practice to protect a network from a brute force RDP attack is to apply strong RDP security settings, including limiting or disabling access to shared folders and clipboards from remote locations.
  4. An RDP brute force approach does open the attacker’s information to the targeted network, so automate the process of parsing the Windows Event Viewer logs, find any compromised user accounts, identify the IP address of the attacker and block that.
  5. Do a no-charge Phishing Security Test and find out what percentage of your users is Phish-prone. Use that percentage as a catalyst to start a new-school security awareness training program, which—by survey—your users are actually going to appreciate because it helps them stay safe on the internet at the house. PS, the password is  "homecourse". It's free. 

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews