News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – ransomware attacks

    Posted on Susan Bradley Comment on the AskWoody Lounge

    Home Forums AskWoody blog Patch Lady – ransomware attacks

    Viewing 5 reply threads
    • Author
      Posts
      • #1914382 Reply
        Susan Bradley
        AskWoody MVP

        Have you seen the news? Scary, huh! So if you are a small business and you use consultants ask them if they use two factor authentication in order to
        [See the full post at: Patch Lady – ransomware attacks]

        Susan Bradley Patch Lady

        1 user thanked author for this post.
      • #1914489 Reply
        Paul T
        AskWoody MVP

        Having a quick look at Duo it seems to be a 3rd party site (Cisco) through which you connect to your site. Effectively you block external access except from the Duo site.

        cheers, Paul

      • #1914631 Reply
        beeswax
        AskWoody Plus

        Having a quick look at Duo it seems to be a 3rd party site (Cisco) through which you connect to your site. Effectively you block external access except from the Duo site.

        cheers, Paul

        Not really, Duo adds an additional layer to specific services/protocols such as RDP which enforces a 2FA prompt.  For example, if you install the Duo RDP component on a Windows box and configure it in the Duo web panel, anyone who subsequently connect to that box using RDP will be prompted to complete 2FA before they are allowed access.

        I use the free tier on all my home servers so now I can get a 2FA prompt on my phone whenever I RDP on, it’s a great free way to add some extra security.

        If you have a paid up subscription you can do more advanced stuff like geofencing e.g. “deny connections from all countries except US/UK”.

        • This reply was modified 10 months, 3 weeks ago by beeswax.
        1 user thanked author for this post.
      • #1914878 Reply
        techweenie
        AskWoody Lounger

        Duo is great and one of my clients uses it for DoD stuff, but most services offer 2FA natively.  Our business is basically built around Teamviewer, and we enforce 2FA and whitelisting to guarantee our clients will not get hacked with it (which has happened prior that policy).  We also rely on Dropbox, and it also supports 2FA natively.  All of these work off the Google Authenticator app, so they’re all quickly accessible from the same place.  Very handy.

      • #1916681 Reply
        MrJimPhelps
        AskWoody_MVP

        Here is a link to the article – it doesn’t appear to be included in your post, Susan.
        https://www.npr.org/2019/08/20/752695554/23-texas-towns-hit-with-ransomware-attack-in-new-front-of-cyberassault

        I think they are going after small towns because the small towns are likely less vigilant on IT issues such as doing regular backups.

        On the bright side (if there is a bright side), a really small town could scrap the compromised system and start over from scratch, because there aren’t a huge number of people who would be affected. That might be cheaper than paying the ransom; and as a bonus, they could build a more secure system from the ground up.

        Group "L" (Linux Mint)
        with Windows 8.1 running in a VM
      • #1916719 Reply
        jabeattyauditor
        AskWoody Lounger

        On the bright side (if there is a bright side), a really small town could scrap the compromised system and start over from scratch, because there aren’t a huge number of people who would be affected. That might be cheaper than paying the ransom; and as a bonus, they could build a more secure system from the ground up.

        That’ll work as long as they have some sort of data backup; otherwise, they’re going to get sued time & time again by folks who seek to make money off the fact that they can’t comply with their legal obligation to fulfill public records requests.

    Viewing 5 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Lady – ransomware attacks

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.