July 15, 2018
Login credentials for government institutions and other vital entities, such as airports and hospitals, are now up for sale on the dark web.
An untraceable part of the internet that search engines can’t pin down, the dark web is the ideal venue for marketplaces housing illegal trade of drugs and weaponry. The web’s underworld also hosts forums in which data is breached and leaked by cyber attackers, and is then sold for massively high price tags accompanied with severe threats.
With Microsoft’s remote desktop feature allowing hackers to connect and operate a PC remotely, login credentials of users operating with government institution systems were attained.
The public has been notified that data of 15,000 to 40,000 systems connected to the remote desktop protocol were listed for sale on the dark web. These credentials pose great risks, as they can easily be used to stall the systems and for hackers to demand ransom payments, or worse yet, for future cyber attacks.
Remote connections are a critical aspect of government workflows, the precise reason for why systems must be vigilantly secured, as many are directly connected to general public’s welfare.
Employees in these institutions should be educated on how to keep their remote connections secure, so vulnerabilities cannot be exploited by hackers. Staff are best made aware of remote connectivity risks to enforce secure yet robust connections.
A few pointers in case your personal data has been compromised:
– Have I Been Pwned – enter your details to check if they appear on any data leaks listed.
– Password Safety – change passwords frequently, use different passwords for different accounts and use two step verifications.
– Back Up Data – regardless of whether you’ve been targeted with a ransomware attack and all your data is encrypted, recovery of data from a cloud or a
hard drive backup can resolve such circumstances.
Considering the dangers of the dark web, employing advanced solutions for optimal security and user authentication is paramount to quickly identifying breaches and leveraging response times and critical actions.