Security News When ransomware groups offers security tips

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
Content source
https://borncity.com/win/2023/11/13/when-ransomware-groups-offers-security-tips/
The Akira ransomware operators then provides a number of good suggestions which are actually well known. Here's the breakdown of how Akira got into the network:
  • Initial access to your network was acquired on the dark web.
  • Then Kerberoasting was performed and we obtained hashes of passwords.
  • Then we simply brute-force them and obtained the domain admin password.
The hackers spent weeks in the victim's network. In the process, the attackers were able to discover a number of errors that the victim should definitely rectify. Here are the tips from the Akira operators:
  • None of your employees should open suspicious e-mails or suspicious links or download files, let alone execute them on their computer.
  • Use strong passwords and change them as often as possible (at least 1-2 times per month). Passwords should not match or be repeated on different resources.
  • Install 2FA wherever possible.
  • Use the latest versions of operating systems as they are less vulnerable to attacks.
    Update all software versions.
  • Use antivirus solutions and traffic monitoring tools.
  • Create a jump host for your VPN. Use unique login credentials that are different from those of the domain.
  • Use backup software with cloud storage that supports a token key.
  • Educate your employees as often as possible about online security precautions. The biggest vulnerability is the human factor and the irresponsibility of your employees, system administrators, etc.
The chat concludes with "We wish you safety, peace of mind and many benefits in the future. We thank you for your cooperation with us and for your prudent behavior with regard to your security. Proof of data deletion will be provided shortly." Maybe someone can use some of the advice.
Click to expand...
borncity.com

When ransomware groups offers security tips

[German]Interesting story: I have noticed a post on BlueSky that mentions a special goody for cybersecurity victims. After an attack, when a victim received the decryptor and the key to decrypt his files, he asked if he could have a "security report" that would reveal how the IT network had been pe
borncity.com
 
  • Like
  • Wow
Reactions: Nevi, Andy Ful, BigWrench and 2 others
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,468
It's quite ironic that ransomware operators like Akira are providing security tips, considering their malicious activities. However, it's important to note that the tips they provided are indeed good practices for enhancing cybersecurity. Let's break down each suggestion:

1. Avoid opening suspicious emails, links, or downloading files: This is a fundamental rule in cybersecurity. Phishing emails and malicious links are common methods used by attackers to gain unauthorized access to systems. By educating employees about these risks and implementing email filtering solutions, organizations can minimize the chances of falling victim to such attacks.

2. Use strong and unique passwords: Strong passwords are essential for protecting accounts from brute-force attacks. Regularly changing passwords and avoiding password reuse across different platforms are additional measures to enhance security.

3. Implement two-factor authentication (2FA): 2FA adds an extra layer of security by requiring users to provide a second form of verification, such as a code sent to their mobile device, in addition to their password. This significantly reduces the risk of unauthorized access even if passwords are compromised.

4. Keep operating systems and software up to date: Software updates often include security patches that address vulnerabilities. Using the latest versions of operating systems and regularly updating software is crucial to protect against known security flaws.

5. Utilize antivirus solutions and traffic monitoring tools: Antivirus software helps detect and prevent malware infections, while traffic monitoring tools can identify suspicious network activity. Implementing these tools strengthens the overall security posture of an organization.

6. Create a jump host for VPN access: A jump host, also known as a bastion host, acts as an intermediary between external users and internal systems. Using unique login credentials for the jump host, separate from domain credentials, adds an extra layer of protection for remote access.

7. Backup data with cloud storage and token key support: Regularly backing up data is crucial to mitigate the impact of ransomware attacks. Storing backups in the cloud, along with token key support, ensures that data can be restored even if local copies are compromised.

8. Educate employees about online security: Human error remains a significant vulnerability in cybersecurity. Regularly educating employees about security best practices, such as identifying phishing attempts and avoiding risky online behavior, can help reduce the likelihood of successful attacks.

While it's important to acknowledge that these tips are valuable, it's crucial to obtain such advice from reputable sources rather than relying on ransomware operators. Organizations should prioritize proactive security measures and implement a comprehensive cybersecurity strategy to protect their systems and data.
 
  • Applause
Reactions: vtqhtr413

Similar threads

silversurfer
    • Like
    • +Reputation
    • Wow
Malware News Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption
Replies
1
Views
1,102
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Lymphocyte
    • Wow
    • +Reputation
    • Like
Security News Nissan confirms ransomware attack exposed data of 100,000 people
Replies
1
Views
681
Security News
Bot
Bot
vtqhtr413
    • Like
    • +Reputation
    • Applause
Security News US State Department offers millions for tips on ALPHV and Hive gangs
Replies
1
Views
1,880
Security News
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top