Remote Work Calls For Strong Security Practices
A hacker attacked a national engineering firm through an open Remote Desktop Protocol (RDP), a port commonly used to enable remote access to internal systems, and frequently leveraged by attackers to deploy ransomware. Hackers exploited the engineering firm’s open RDP port and held its designs, architectural plans, contracts, and client information for ransom. An open RDP port is the most exploited attack vector for ransomware. Cybercriminals are growing more sophisticated, and are now employing tools to automatically identify and exploit an open RDP anywhere on the internet.
Swift Response Results in Minimal Loss
When the engineering firm discovered that it was locked out of its systems, it promptly reported the claim to At-Bay. Our claims team immediately responded and quickly enlisted the ransomware response firm most experienced in identifying the nuances of the ransomware variant and the type of data at risk.
The At-Bay claims team and incident response firm were in constant communication with the client, taking strategic steps to minimize both financial and reputational impact. Within three days, the client’s systems were restored and operational without any data loss, at a cost significantly lower than the original ransom. Because the loss of engineering design work and resulting operational downtime can be costly, the quick turn-around yielded a favorable resolution. The entire process showcased At-Bay’s vigilance on behalf of our clients and our savvy in quickly resolving digital risks.