Remote Desktop is ofter publically exposed

Ransomware continues to be the weapon of choice for hackers around the world, but their distribution methods are evolving.  Recently, a new strain of the ransomware known as CryptoMix was found in the wild, sporting a new distribution methodology.

Hackers are beginning to target publicly exposed remote desktop services and installing their poisoned software manually.

In the case of the remix of CryptoMix, once installed, the malware appends the.DLL extension to all encrypted files and predictably demands a ransom from the victim to get his or her files back. Despite the evolving delivery method, the threat remains the same, so perhaps it's time for a review.

These things your staff can do to minimize your risk

  • Back your data up religiously. This isn't so much a prevention strategy as it is an insurance policy.  It should go without saying, but too many SMBs don't do this, so we wanted to list it first.
  • Make sure your employees are absolutely phobic when it comes to opening attachments from people they don't know and trust. Even in cases where they recognize the sender, it's always best to take the step of phone verification before actually opening the file.
  • All attachments should be scanned with a robust antivirus tool before opening
  • Be sure your people know not to connect Remote Desktop Services directly to the internet. Everyone using such services should do so via a VPN (Virtual Private Network).
  • Make sure all Windows updates and security patches are installed in a timely fashion. Many a problem can be avoided simply by keeping your software up to date.
  • If you're not using some type of security software that relies on behavioral detection or white list technology, you're not doing your company any favors.

Our perspective

None of these things (even taken together) will absolutely ensure that you don't fall victim to a determined hacker, but they will dramatically reduce your risk.


The author

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available at dwpia on LinkedIn, at dwpia on Facebook, and @dwpia on Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Denis S Wilson

I am President and Principal Consultant for DWP Information Architects: specializing in managed IT support for smaller healthcare practices, clinics, insurance companies, and nonprofit companies in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance.

I am also a published author and speaker, working extensively with organizations that include: the State of California, the Federal Bureau of Investigation (FBI), the Small Business Administration (SBA), SCORE, Women's Business Centers, and Small Business Development Centers. As well as providing small business technology education programs through business and professional associations.

Contact me if you would like me to speak at your meeting.

Meanwhile, check out this report

Executive Report: 10 Hidden IT Risks That Might Threaten Your Business