Why? Once the criminal has hacked your computers they can sell the “access” to your devices.
How can I say that?
Kaspersky¹ and others have found a “market” of hacked machines at xDedic.
This means that for $6 a criminal can buy access to some servers in various parts of the world. So with a cheap purchase such as that what could you do with it?
With this purchase one could install Ransomware which may result in $300 – $500 return.
So this could be a 50x or 83x return. Spend $6 and install your Ransomware software to get $300 to $500. Nice 5000% or 8300% return
Remember this image from our post on Jan 6? (2)
So the criminal does not have to learn how to hack machines, just has to know existence of these criminal marketplaces where for a small fee one can obtain access to servers.
So if your machine received Ransomware and you did not know how it got there – maybe it was installed by a hacker at an odd time and your IT people never saw anything.
This is why it is imperative to follow the advice of Kaspersky and others (like us 🙂
Kaspersky Lab advises organizations to:
• Install a robust security solution as part of a comprehensive, multi-layered approach to IT infrastructure security
• Enforce the use of strong passwords as part of the server authentication process
• Implement a continuous process of patch management
• Undertake a regular security audit of the IT infrastructure
• Consider investing in threat intelligence services which will keep the organization informed of emerging threats and offer an insight into the criminal perspective to help them assess their level of risk.
Notice number 4: “Undertake regular security audit of the IT infrastructure”
It is a good idea to perform security audits since your IT department does a good job, but just has to tighten a few items. Or maybe needs a little help here and there. It is human nature unfortunately not to ask for help when needed. So contact an auditor (like us)
Of course we have discussed all of these points on this site and on our Blog Website Oversitesentry.com
Tony Zafiropoulos 314-504-3974 tonyz”@”fixvirus.com
We can perform vulnerability scanning with our Alpha and Sigma Scan service products or more sophisticated pentests with our partners in the Omega Scan service product.
At minimum an Alpha scan will find basic problems and is relatively inexpensive (compared to losing your data).
Also Contact us on our form page
- http://www.kaspersky.com/about/news/virus/2016/Who-Else-is-Using-your-Servers
- https://fixvirus.com/how-to-deal-with-constant-new-ransomware-threats/