Tech Tuesday: Your PC could be vulnerable to a crypto lock attack. Simple Windows updates could mitigate the issue. Read more below.
By: Kip Kirchberg
It is probably no surprise that the majority of people ignore or close Microsoft’s Windows update notifications. After all, the annoying pop-up is just another pesky update that requires me to reboot my computer at the most inconvenient time, right?
Well, some of these simple updates could help keep you or your organization safe from potential cyber attackers. A perfect example is the BlueKeep vulnerability patch that Microsoft released on May 14, 2019.
BlueKeep is a remote code execution vulnerability that exists in Remote Desktop Services, formerly known as Terminal Services. To exploit a system, a cyber attacker simply sends a specially crafted request to the target system's Remote Desktop Service via RDP.
This vulnerability is pre-authentication and requires no user interaction. A cyber attacker who successfully exploits this vulnerability can execute arbitrary code on the target system. The cyber attacker can then install programs; view, change, or delete data; or create new accounts with full user rights.
This type of access could lead to a PC or a network of PCs being crypto locked and held for ransom, or to its data being offloaded to an attacker's PC, exposing information such as Social Security numbers, credit card numbers, or other highly sensitive information. This could not only lead to a loss of revenue for a business but could also ruin its reputation and subject it to local and federal fines.
The newest round of internet vulnerability scanning shows that approximately 800,000 machines exposed to the internet are still vulnerable and could be exploited at any given moment. About 30% of the machines identified were personal computers. Approximately 5% of the machines identified belonged to corporate entities, government, technology companies, or public utilities.
This means that there are about 40,000 PCs in some type of business or critical infrastructure environment that still need to be patched. The challenge for most organizations is identifying the machines in their environment that still need to be patched. These machines could be tucked away in a closet and forgotten.
The best way to ensure your systems are patched and your cyber risk footprint is reduced is to get a full inventory of your environment and schedule regular patch cycles.
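One way to start that inventory from an administrator workstation, shown as an added example that is not part of the original article: for each host, record the newest installed update and whether Remote Desktop is answering, then prioritize hosts that have logged no update since the May 14, 2019 release. The file names `hosts.txt` and `rdp-patch-triage.csv` are hypothetical, and the check is a heuristic that does not confirm the specific BlueKeep patch is installed.

```powershell
# Added example, not from the original article. Heuristic triage only: it shows
# which hosts have recorded no update since the BlueKeep patch was released; it
# does not confirm that the specific patch is installed.
# Assumptions: .\hosts.txt (hypothetical) has one computer name per line, and the
# account running this may query those hosts over WMI.
$PatchReleased = Get-Date '2019-05-14'   # release date stated in the article
$Computers = Get-Content -Path '.\hosts.txt' | Where-Object { $_.Trim() }

$report = foreach ($name in $Computers) {
    $lastUpdate = $null
    $queryError = $null
    try {
        # Newest update recorded in Win32_QuickFixEngineering on the remote host
        $lastUpdate = Get-HotFix -ComputerName $name -ErrorAction Stop |
            Where-Object { $_.InstalledOn } |
            Sort-Object -Property InstalledOn -Descending |
            Select-Object -First 1 -ExpandProperty InstalledOn
    } catch {
        # Unreachable or access-denied hosts stay in the report for follow-up
        $queryError = $_.Exception.Message
    }

    # Is Remote Desktop (TCP 3389, the default RDP port) answering on this host?
    $rdpOpen = Test-NetConnection -ComputerName $name -Port 3389 `
        -InformationLevel Quiet -WarningAction SilentlyContinue

    # No recorded update at all, or none since the release date, counts as stale
    $stale = (-not $lastUpdate) -or ($lastUpdate -lt $PatchReleased)
    $priority = if ($stale -and $rdpOpen) { 'High' } elseif ($stale) { 'Review' } else { 'OK' }

    [pscustomobject]@{
        Computer   = $name
        RdpOpen    = $rdpOpen
        LastUpdate = $lastUpdate
        Priority   = $priority
        QueryError = $queryError
    }
}

$report | Format-Table -AutoSize
$report | Export-Csv -Path '.\rdp-patch-triage.csv' -NoTypeInformation
```

Hosts that come back with a `QueryError` are the ones most likely to be the forgotten machines in a closet, so treat them as unpatched until someone has checked them by hand.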
If you are looking for inventory solutions or would like assistance patching your environment, please feel free to reach out for a cyber security consultation. You can reach me at [email protected] or 863-734-8060.