News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – ransomware attacks

    Posted on Susan Bradley Comment on the AskWoody Lounge

    Home Forums AskWoody blog Patch Lady – ransomware attacks

    This topic contains 5 replies, has 6 voices, and was last updated by  jabeattyauditor 3 weeks, 5 days ago.

    • Author
      Posts
    • #1914382 Reply

      Susan Bradley
      AskWoody MVP

      Have you seen the news? Scary, huh! So if you are a small business and you use consultants ask them if they use two factor authentication in order to
      [See the full post at: Patch Lady – ransomware attacks]

      Susan Bradley Patch Lady

      1 user thanked author for this post.
    • #1914489 Reply

      Paul T
      AskWoody MVP

      Having a quick look at Duo it seems to be a 3rd party site (Cisco) through which you connect to your site. Effectively you block external access except from the Duo site.

      cheers, Paul

    • #1914631 Reply

      beeswax
      AskWoody Plus

      Having a quick look at Duo it seems to be a 3rd party site (Cisco) through which you connect to your site. Effectively you block external access except from the Duo site.

      cheers, Paul

      Not really, Duo adds an additional layer to specific services/protocols such as RDP which enforces a 2FA prompt.  For example, if you install the Duo RDP component on a Windows box and configure it in the Duo web panel, anyone who subsequently connect to that box using RDP will be prompted to complete 2FA before they are allowed access.

      I use the free tier on all my home servers so now I can get a 2FA prompt on my phone whenever I RDP on, it’s a great free way to add some extra security.

      If you have a paid up subscription you can do more advanced stuff like geofencing e.g. “deny connections from all countries except US/UK”.

      • This reply was modified 4 weeks ago by  beeswax.
      1 user thanked author for this post.
    • #1914878 Reply

      techweenie
      AskWoody Lounger

      Duo is great and one of my clients uses it for DoD stuff, but most services offer 2FA natively.  Our business is basically built around Teamviewer, and we enforce 2FA and whitelisting to guarantee our clients will not get hacked with it (which has happened prior that policy).  We also rely on Dropbox, and it also supports 2FA natively.  All of these work off the Google Authenticator app, so they’re all quickly accessible from the same place.  Very handy.

    • #1916681 Reply

      MrJimPhelps
      AskWoody_MVP

      Here is a link to the article – it doesn’t appear to be included in your post, Susan.
      https://www.npr.org/2019/08/20/752695554/23-texas-towns-hit-with-ransomware-attack-in-new-front-of-cyberassault

      I think they are going after small towns because the small towns are likely less vigilant on IT issues such as doing regular backups.

      On the bright side (if there is a bright side), a really small town could scrap the compromised system and start over from scratch, because there aren’t a huge number of people who would be affected. That might be cheaper than paying the ransom; and as a bonus, they could build a more secure system from the ground up.

      Group "L" (Linux Mint)
      with Windows 8.1 running in a VM
    • #1916719 Reply

      jabeattyauditor
      AskWoody Lounger

      On the bright side (if there is a bright side), a really small town could scrap the compromised system and start over from scratch, because there aren’t a huge number of people who would be affected. That might be cheaper than paying the ransom; and as a bonus, they could build a more secure system from the ground up.

      That’ll work as long as they have some sort of data backup; otherwise, they’re going to get sued time & time again by folks who seek to make money off the fact that they can’t comply with their legal obligation to fulfill public records requests.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Lady – ransomware attacks

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.