PSA: You Are A Business Owner? Are your Systems Safe?

[Alexsei]

I know this has been posted many times and publicized everywhere still there are people out there who's business is up for a disaster.

A friend of mine who owns a retail store just got hit with the new Nuclear Ransomware they demanded $5000 in bit coin which he paid... Yet he can still not get his system back up.

Do yourself a favor and follow the BBBS rule:

Backup
Backup
Backup
Secure

All the best

[yelped]

Or hire one of their Talmidim to do it for you:
http://forums.dansdeals.com/index.php?topic=62563.msg1749104#msg1749104

[Yisroel Tech]

Thanks Alexsei for the announcement!

Please people just do it!!! It is not worth even for a chance it happens to you.

I also know someone that was hit by this variant (He had RDP open and used torrents...I don't know which one was the point of entry...but I digress), paid and did not get back his files 

[Alexsei]

We possibly know the same person...

[Aerial Dag]

I also know someone that was hit by this variant (He had RDP open and used torrents...I don't know which one was the point of entry...but I digress), paid and did not get back his files 

Why would having RDP open infect the machine with ransomware? Are you saying he was torrenting on a machine that got ransonware and that ransomware found his shared drive through RDP?

[Alexsei]

Why would having RDP open infect the machine with ransomware? Are you saying he was torrenting on a machine that got ransonware and that ransomware found his shared drive through RDP?

The way it works with BTCWare hey scan your IP for open RDP ports and attack to gain access to your system

[Aerial Dag]

The way it works with BTCWare hey scan your IP for open RDP ports and attack to gain access to your system

Gotcha. Well can't exactly disable RDP on servers. I guess backing up x3 and not torrenting is the way to go.

[Yisroel Tech]

Gotcha. Well can't exactly disable RDP on servers. I guess backing up x3 and not torrenting is the way to go.

Also some RDP security:
1) having very complex passwords for devices exposed to RDP
2) Using non-standard ports
3) Limiting sign-in attempts

[churnbabychurn]

Is backing up to Google drive/Dropbox that is linked to machine worthless?

[stooges44]

Also some RDP security:
1) having very complex passwords for devices exposed to RDP
2) Using non-standard ports
3) Limiting sign-in attempts

2) Definitely don't use 3389 and make sure that one is completely locked

4) Restricting by IP
5) Restricting by user
6) 2 factor authentication

[Work-for-ur-muny]

How about private people on personal computers. Are we any safer than businesses? Or are you just mentioning businesses cuz of the amount of money in jeopardy?

[stooges44]

How about private people on personal computers. Are we any safer than businesses? Or are you just mentioning businesses cuz of the amount of money in jeopardy?

Private people don't usually have a static ip and thus don't even have rdp as an option.

[avromie7]

Private people don't usually have a static ip and thus don't even have rdp as an option.

You don't need a static IP for RDP.

[whYME]

Secure 

Good luck with that with all the stolen tools being dumped out there now...

[Alexsei]

Still precautions do help you do be less exposed

[gozalim]

You don't need a static IP for RDP.

how?

[avromie7]

how?

You can use RDP with any IP address, if you don't have a static IP you run the risk of your IP address changing. That doesn't make it any safer.