One thing you shouldn’t ever do on the internet is expose yourself. No, not that kind of exposure (though you shouldn’t do that either…) but the kind that leaves your computers open to abuse in ways you may never have heard of.
You’re probably doing lots of things the right way when it comes to computer security. The obvious things, like anti-virus, firewalls, email filters and other layers of protection are fairly well understood and used.
A possible side-effect of that situation can be complacency. If you think you are covered it’s easier to take your eye off the ball. And what we’ve discovered with a bit of research is a plethora of companies in our area alone who are exposed to very real threats that exist in far less obvious places.
For instance, do you know if your network has exposed RDP ports?
RDP stands for Remote Desktop Protocol. As the name suggests, it’s a way for machines to communicate securely while allowing control across the network, whether that be from the next office or the other side of the world. A support technician (or just a willing friend) can see a graphical display of another user’s screen in order to manage their computer.
It’s very helpful, but can also be very dangerous, especially now that there’s a relatively new form of ransomware, called BitPaymer, that seeks to take control of networks through vulnerable RDP ports.
It looks for insecure RDP connections as a way into a computer and if that computer is networked to others, as most business machines have to be, it will try to spread through the network from the inside. When it does that it can lock down computer after computer and cripple the business, theoretically until the ransom is paid.
When we say ‘insecure RDP connections’ we’re still talking about password protected systems, but when a weak password is found, attackers turn to their arsenal of tools to essentially break their way through – and weak passwords can be beaten in seconds with the right kit.
This is a genuine problem because there are lots of computers sitting on networks with not very secure RDP ports which do not need to available to the internet.
And it could be happening in your business. We went looking for exposed RDP ports in Shropshire, targeting Shrewsbury, Telford, Ludlow and Oswestry, and found lists of organisations in all four towns openly exposing RDP ports, making them ripe for attack.
This can all be prevented with the correct system setup and management approach, ensuring that only authorised people can use RDP and that their security is strong and multi-layered.
It is a genuine concern and one that you should take seriously. If you’re not sure how, seek advice, because it’s not a massive job to fix once you know it’s there, but it does need checking.
If you want to be sure you’re not exposing yourself unnecessarily, why not give us a call?