We have detected a massive spike of brute force and script attacks originating from the block of public IP addresses assigned to the Russian Federation. Due to the scope of the attacks, we will need to block all IPs that are attached to Russian assets to protect your servers efficiently. Your network security and integrity are our highest priority, and we are doing everything we can to stem these attacks; thus far, we have no evidence to show that your server was compromised. Keeping your systems up to date, together with the various layers of security we've already implemented, is working well to prevent any successful intrusions.
It is doubtful that you will notice any issues with your server, applications, or web activities. However, if you do find any anomalies with any operation, please let us know immediately.
We are posting updates on LinkedIn, Facebook, and Twitter.
Details of attacks:
Automated brute force attacks and penetration scans are repeatedly, and unsuccessfully, attempting to bypass security measures to gain access to your system. Our security system is logging these events, which all originate from various IP addresses in Russian territory.
An example of the brute force attack entry is below:
Log Name: Security
Date: 7/10/2020 8:47:26 AM
Event ID: 4625
Description: An account failed to log on.
Account For Which Logon Failed:
Account Name: ADMORRIS (they are using random usernames)
Failure Reason: Unknown user name or bad password.
Source Network Address: 22.214.171.124 (This IP belongs to the Russian Federation territory)
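The pattern in the entry above (many Event ID 4625 failures from one source address, each with a different account name) can be picked out of exported Security log text. The following is an added example, not part of the original notice or iTecs tooling; the function names, thresholds, and sample records are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

FIELD = re.compile(
    r"^[ \t]*(Date|Event ID|Account Name|Source Network Address):[ \t]*(.+?)[ \t]*$", re.M)

def parse_events(text):
    """Yield (time, account, source_ip) for each 4625 record (blank-line separated)."""
    for block in re.split(r"\n\s*\n", text.strip()):
        f = dict(FIELD.findall(block))
        if f.get("Event ID") != "4625" or "Source Network Address" not in f:
            continue  # skip successful logons and records with no source address
        when = datetime.strptime(f["Date"], "%m/%d/%Y %I:%M:%S %p")
        yield when, f.get("Account Name", "").upper(), f["Source Network Address"]

def flag_sources(events, window=timedelta(minutes=10), min_failures=5, min_accounts=4):
    """Return {ip: (failures, distinct_accounts)} for sources that reach both
    thresholds inside one sliding window. Thresholds are illustrative defaults."""
    by_ip = defaultdict(list)
    for when, account, ip in events:
        by_ip[ip].append((when, account))
    flagged = {}
    for ip, hits in by_ip.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # drop failures that fell out of the window
            span = hits[start:end + 1]
            accounts = {a for _, a in span}
            if len(span) >= min_failures and len(accounts) >= min_accounts:
                flagged[ip] = max(flagged.get(ip, (0, 0)), (len(span), len(accounts)))
    return flagged

def _record(ts, account, ip, event_id="4625"):
    # Hypothetical helper: renders one record in the layout of the entry above.
    return (f"Log Name: Security\nDate: {ts}\nEvent ID: {event_id}\n"
            f"Account Name: {account}\nSource Network Address: {ip}\n")

# Constructed sample (not real log data); addresses are documentation ranges.
NAMES = ["ADMORRIS", "JSMITH", "BACKUP", "SCANNER", "ADMIN", "TEST"]
SAMPLE = "\n".join(
    [_record(f"7/10/2020 8:47:{20 + i} AM", n, "203.0.113.7") for i, n in enumerate(NAMES)]
    + [_record("7/10/2020 8:50:01 AM", "jdoe", "198.51.100.20"),
       _record("7/10/2020 8:51:00 AM", "jdoe", "198.51.100.20", event_id="4624"),
       _record("7/10/2020 9:30:44 AM", "jdoe", "198.51.100.20")])

if __name__ == "__main__":
    print(flag_sources(parse_events(SAMPLE)))
```

Requiring several distinct account names as well as a failure count keeps a single user who mistypes a password from being flagged alongside automated guessing.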
iTecs is your IT solution for your business’s remote and onsite managed IT service needs. iTecs has the expertise to guide and consult with businesses regarding which technology and services are necessary to run quickly and efficiently. After consulting with you on the technology needs of your business, iTecs will procure and employ the programs, then monitor and provide maintenance, such as patch management and updates, and be on top of any issue within the system if it were to occur. It should not be the responsibility of your business to be an expert in IT. Instead of worrying about becoming the best in IT to protect your business, gain peace of mind by outsourcing your IT needs to the best MSP by partnering with iTecs. We do what we do best, so you can focus on being the best in your industry and taking your business to the next level.