Image Credit: Kevin Beaumont
The FBI recently issued a warning to the private industry providing information and guidance on the LockerGoga and MegaCortex Ransomware. LockerGoga and MegaCortex are ransomware infections that target the company by compromising the network and encrypting all devices.
When the network is compromised, the perpetrator be residents of the network for months before they release the LockerGoga or MegaCortex ransome infections. Once the attackers have taken everything of value from the network, they release the infections so that it can encrypt the device on the network and completely take over.
For this reason, the FBI has recommended organizations take the following precautions:
1. Back up data regularly using revisions. Backing up your data regularly, especially with offline and revision based backups eliminates the effects of the threat since you can restore your data.
2.Enable two-factor authentications and encrypt your data with strong passwords to block stolen credentials, phishing attacks, or other login compromises.
3.Businesses are encouraged to audit logs for all remote connection protocols since exposed remote servers are the most common way for attackers to first gain access.
4.Audit all new accounts to make sure no back door accounts are being created.
5.Make sure you are using the most up to date Powershell and uninstall older versions
If you or your organization are not prepared for ransomware attacks and can use some guidance, feel free to contact us at OptfinITy at (703)790-0400 or contact us at firstname.lastname@example.org