Ransomware risks
CERT NZ is urging Kiwi organisations to tighten up the way they enable remote working for staff to avoid a ransomware attack.
Government cyber security agency CERT NZ says the majority of ransomware attacks occur through poorly configured remote access systems, which businesses use to allow staff to access systems from outside the office.
While there are several systems in use, one of the most commonly used is Remote Desktop Protocol (RDP), with more than 2500 identified in New Zealand. RDP has several weaknesses, which means it can be exploited by attackers when it is used over the internet, and it is a leading contributor to the ransomware incidents reported to CERT NZ.
“It’s essential that organisations make sure these systems are as secure as they can be. You may need to talk to your IT team or service provider about how to do this,” says Michael Shearer, Principal Advisor – Threats and Vulnerabilities at CERT NZ.
CERT NZ is partnering with internet service providers to contact organisations that use internet-exposed RDP to provide advice on how they can make remote working more secure.
“Regardless of what technology organisations use to enable remote working, it’s important to keep your system up to date and enable two-factor authentication for logins.”
As RDP is often exploited by attackers to gain access to an organisation’s network, CERT NZ recommends organisations consider other options to enable remote working, such as a virtual private network (VPN). Good VPN solutions support two-factor authentication, which adds an extra layer of security, and are designed to be used over the internet.
More broadly, CERT NZ is concerned about the growing impact ransomware attacks are having on New Zealand.
“Recent events have brought to light the devastating effects a ransomware attack can have on an organisation. There’s been an increasing trend of these types of attacks globally over the past 18 months, and they’re only going to continue,” says Shearer.
CERT NZ will soon be releasing more guidance for organisations about how to protect against ransomware.