Weak passwords act as entry points to Ransomware

34

To all those who use weak passwords, here’s an advice to quickly follow. Otherwise, it can ruin your computer security and network forever.

Security experts from Quick Heal technologies say that weak passwords such as abc123, 12345 or QWERTY can help cyber criminals duck computer security and invade systems or networks with ransomware. They say that the malicious software could then help hackers publish the accessed content on the dark web or lock it down from user access until a ransom is paid.

“It doesn’t matter if a company has the right antivirus software to protect itself. The moment you allow virus into the machine, your defense weakens”, Sanjay Katkar, CTO, Quick Heal Technologies LTD.

Mr. Katkar added that in the past 3 months his company’s solution ‘Seqrite’ is said to have blocked over 35,000 Remote Desktop Protocol (RDP) attacks targeted at enterprises operating in India and abroad.

Often companies are found using RDP to manage and access remote systems and devices. But they fail to protect the devices with robust passwords or adequate security measures. This is where cyber crooks take the opportunity to intercept vulnerable systems via Brute Force and dictionary cyber attacks.

Technically speaking, Ransomware attacks are of two types- one that detects a vulnerable system installs a code and encrypts files until a ransom is paid. The other is one which does everything as said in the first attack and additionally attacks other connected computers in the network. All systems running on Windows and are not updated become easy targets for such attacks.

A 2016 advisory issued by the United States Computer Emergency Readiness Team (US-CERT) says that affected owners and network admins should never ever accede to the monetary demands of ransomware spreading hackers. That’s because there is no guaranty that the encrypted files will be released and there is a high chance that the malicious actors will further try to exploit the banking info after receiving the money.

Using strong passwords can prove as a proactive measure to isolate a system or a network from ransomware attacks. Here a strong password means a mix of alphanumeric letters topped with one or two uppercase and lower characters. Two-factor authentications can act as an additional security measure which can be deployed.

Backing up the data on a regular note, disable or minimize the use of RDP can also prove effective.