Cybercriminals are constantly attempting new tactics in their unending global quest to infect, extort, and destroy. A newly discovered ransomware variant, CommonRansom, adds an oddball request atop the typical extortion demands.

 

RDP: a beleaguered attack vector

Remote Desktop Protocol has been a major pain point and high priority for security professionals, as it has been heavily besieged as of late.

The crippling ransomware attack on the City of Atlanta earlier in the year was a result of attackers gaining access to the systems via RDP.

Weak passwords, outdated RDP with flawed CredSSP, and unrestricted access to TCP 3389 (the default RDP port) are all lapses in RDP security that need shoring up.

With RDP being a common weak point, and RDP credentials being sold in the dark web (sometimes for as little as $3-15), the bold demands of CommonRansom may not be so out of line after all.

 

Bitcoin payment PLUS

CommonRansom will encrypt files and append the .[old@nuke.africa].CommonRansom extension to the files. In the ransom note (DECRYPTING.txt), the ransom demands are laid out.

Not only do the cybercriminals ask for the typical bitcoin payment, they also want administrative RDP access to the computer in order to decrypt the files they encrypted!

Unfortunately for victims, the appropriate course of action is to ignore the demands, as handing out admin credentials will likely lead to even more headaches, not the salvation of decryption the criminals are offering.

This highlights the need for both comprehensive, layered cybersecurity and reliable data backup to withstand attack from CommonRansom and other forms of ransomware and malware, and restore data from reliable backups when needed.

 

Backups: the ultimate last line of defense

While a layered array of defenses is extremely important, one must always have good data backups as a last line of defense in case your security layers fail.

InVault Pro is a potent backup, business continuity, and disaster recovery service that’s completely managed by InCare. With offsite replication to bi-coastal data centers and backups occurring as often as every 15 minutes, you’re sure to get back to business promptly in the event of disaster.

 

Complete IT peace of mind

For complete IT peace of mind, InCare 360 contains all our managed services including network security and backups for one fixed fee. This includes 24/7/365 support through our local help desk staff.

Contact us today at 205-277-CARE or fill out the form below to schedule a free consultation.

 

Get a FREE InCare 360 consultation
reCAPTCHA is required.

 

 

Share This