Encryption Ransomware Attacks--Trends & tips
Created#More Posted time:Feb 18, 2019 15:03 PM
Alibaba Cloud Security has found two common traitsbetween victims of ransomware invasion through the analysis of data related to current blackmail events:
1. Key accounts with weak passwords or does not have proper authentication mechanisms • Key accounts (root, administrator) on the servers had simple passwords or no passwords at all.
• Databases (Redis, MongoDB, MySQL, SQL Server) and other important business services could be logged on to without passwords.
2. Affected applications do not have access control policies, meaning applications are open to the internet without any protection
Alibaba Cloud recommends the following protective measures to help companies respond to the threat of ransomware attacks: 1.Regularly back up data
2.Only open necessary service ports to the external network to limit access to the server
3.Perform proper security domain planning for the server
4.Manage service passwords and remote access permissions
5.Configure OS-level security and vulnerability protection
6.Web application vulnerability protection