Over the past several months, there has been an uptick in cyber incident reports involving the exploitation of IP ports that are commonly used for remote access. Vulnerable ports are exposed to hackers who can easily find a point of entry and respond with ransomware attacks and other network intrusion activity. The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) has identified over 288,000 systems in NJ that currently have these remote access ports open (22/SSH, 23/Telnet, 3389/RDP) and thus exposed to the internet. In addition, a recent Flashpoint report indicated 85,000 compromised RDP servers were recently made available for sale or rent on the dark web marketplace. How Can You Reduce Exposure?
- If remote access is required, implement SSL VPNs
- Implement two-factor authentication, requiring a username/password and additional credentials to obtain access
- Make sure vulnerabilities are routinely patched
BMT has significant experience implementing secure remote access in regulated environments. For non-regulated environments our IT Health Check service evaluates remote access configurations and will let you know of any prevailing risks. If identified, we can execute a plan to fix existing vulnerabilities and prevent future threats from occurring. Our managed service clients receive all these services as part of our holistic, “IT Essentials”, managed service.