Mid Last year a not so surprising news broke out.
70k hacked government and corporate servers were for sale for as little as $6 apiece: ArsTechnica
Imagine the possibility of your server potentially ending up on this list and then being used to attack your competitor. The legal issues alone will be longstanding not to mention the damage to your reputation which could lead to you losing customers.
While monitoring attacks on our client systems we see workstation names if the attacker is using a potentially hacked Windows Server/System. Which results in a nice table like:
From the list, you can see names like APPSERVER, HYPERV01, KMSB-SERVER, SRV-DC01 which are most likely corporate servers that got hacked and then were used to attack our clients.
Computers with the name WIN-XXXX are VPS’s that were either hacked or rented out by hackers.
The computers XXXX-PC are having XXXX as username on the windows PC which are directly attacking.
While this sounds scary, this can take a turn for the worse with a US “Self Defense” Bill that would allow victims to hack back – https://www.usnews.com/news/articles/2017-03-09/self-defense-bill-would-allow-victims-to-hack-back
Have you checked your logs lately? If you want to know more, get in touch with us right now to schedule a demo