Reply to post: If you don’t care about security, the bad guys care about you

Forget BYOD, this is BYOVM: Ransomware tries to evade antivirus by hiding in a virtual machine on infected systems

Pier Reviewer

If you don’t care about security, the bad guys care about you

Internet facing RDP... Jesus. I love it when you find it on jobs. It’s an easy win. It’s insane that people don’t put it behind a VPN (that requires MFA).

Ofc that alone isn’t a fix for ransomware. There is no single fix, which is why companies keep getting reamed. They’d evidently rather risk paying millions than definitely spend money avoiding the risk, even if it basically guarantees they won’t be badly affected. It’s 100% the board’s fault. They could force a change, but costs reduce their dividends. Better to risk it and make secret payments to the criminals if you get hit rather than reduce your take home pay innit?

The fix? Nothing new or exciting. Regular, tested off-site backups, maintain a register of installed software and audit it regularly, patch regularly, MFA for all sensitive services and accounts etc.


Biting the hand that feeds IT © 1998–2020