Why It’s Important to Log Off the Server

By:  |  Category: Blog, Security Tuesday, August 1st, 2017  |  No Comments

By now you are all aware of the Petya/Not Petya ransomware attack that originated in the Ukraine and wreaked havoc all round the world.

After wading through the damage, it has been discovered that this ransomware is not really a ransomware but a red herring for something far more sinister. The real purpose of the attack was cause the loss of data and disrupt the companies that were infected. It was less about heisting money and more about inflicting damage to global business–a virtual terrorism of sorts.

The first stage of this attack was to find passwords with elevated privileges and move on to the next machine.

This is why it’s imperative to log of the server when you are done accessing it.

A disconnected session will store the privileged account password in memory. There are various exploits in the wild (hacker software) that can scrape usernames and passwords from memory.

For example, one of our engineers ran a mock attack (with permission) on a client with two disconnected accounts. He ran a simple Power Shell exploit in memory and uploaded the old username and password to a webserver. In 15 seconds he had both the disconnected accounts passwords which was expected, but also an active service account. With this information our faux hacker could then go onto to further exploit the system, continuing to gain more and more access.

It doesn’t take a long time to log off the server. This hack is simply relying on employee’s laziness. Don’t be the reason a virtual terrorist gains access to your business.

Stay alert and always log off.

For questions give us a call at: EnhancedTECH  714-970-9330

or contact us at [email protected]



Source image: https://www.pexels.com/photo/black-claw-hammer-on-brown-wooden-plank-209235/

Leave a Comment
Read previous post:
Data Protection: If All You Have Is a Hammer, Everything Looks Like a Nail

If all you have is a hammer, everything looks like a nail!" This proverb was first introduced to the English...