Be aware of ransomware threats
It has been reported recently that ransomware attacks have almost doubled in the last year. One of the most active ransomware-as-a-service (RaaS) groups is known as “LockBit”; they have been active since September 2019 and have claimed well over 1,000 victims from the start of 2023.
What is a ransomware attack?
The goal is to gain access to a database and deploy software to steal and encrypt the data, before requesting a ransom payment to de-crypt the data and not release it to the general public. The main access route is via obtaining user login details, either by email phishing attacks, or trying their luck with common passwords.
What can you do about it?
01. Adopt stricter password rules: Increase customer password security by forcing more complicated passwords, more frequent resets and 2 Factor Authentication.
02. Educate customers and staff: Communicate with your stakeholders about best-practice password security, how to avoid email phishing attacks and who to report any potential problems to.
03. Update and secure your CMS: We recommend that we upgrade your Umbraco CMS regularly to take advantage of the latest security practices. We have been contacting clients about moving away from Umbraco V7 and keeping Umbraco V8+ installations up-to-date. We can also secure your content management system access to fixed IP addresses.
What Frontmedia are doing to help:
- Firewalls are installed on all of our servers to secure access to only specified IP addresses.
- All our servers are patched monthly to take advantage of the latest recommended software versions.
- SSL Certificates are mandatory on all websites.
- Regular backups are taken of all website files and databases which are stored in a secure, off-site, Cloud-based system for 30 days.
Please contact us if you would like to talk about security upgrades to your Umbraco website.