{"id":7448,"date":"2017-04-26T04:30:29","date_gmt":"2017-04-26T12:30:29","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/04\/26\/news-1239\/"},"modified":"2017-04-26T04:30:29","modified_gmt":"2017-04-26T12:30:29","slug":"news-1239","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/04\/26\/news-1239\/","title":{"rendered":"Old Windows Server machines can still fend off hacks. Here's how"},"content":{"rendered":"

<\/p>\n

Credit to Author: Michael Kan| Date: Wed, 26 Apr 2017 04:01:00 -0700<\/strong><\/p>\n

If you’re running a Windows Server 2003 machine, you have a problem.\u00a0Your already-vulnerable computer is now at severe risk of being hacked.<\/p>\n

That’s due to the internet release earlier this month of a batch of updates that\u00a0paint a bull’s-eye\u00a0on computers running Windows Server 2003, according to security researchers.<\/p>\n

\u201cI can teach my mom how to use some of these exploits,\u201d said Jake Williams, founder of Rendition Infosec, a security provider. \u201cThey are not very complicated at all.\u201d<\/p>\n

Experts are urging affected businesses to upgrade to the latest Windows OSes, which offer security patches<\/a> that can address the threat.<\/p>\n

But some, particularly those in manufacturing and healthcare, cannot because they rely on\u00a0legacy software that won’t run on a modern operating system.<\/p>\n

\u201cIt\u2019s usually very costly to upgrade,\u201d he said. \u201cAnd again, the machine is working fine, but control has to be done through Windows Server 2003.\u201d<\/p>\n

There may be more than 500,000 Windows Server 2003 machines publicly exposed to the internet,\u00a0according to Shodan<\/a>, a search engine for devices. But Williams estimates there are many more vulnerable machines running behind company firewalls.<\/p>\n

So,\u00a0for those that can\u2019t, here are some tips to keep your old Windows Server 2003 machine secure.<\/p>\n

The spying tools include several Windows-based exploits, or hacking programs, that target the Windows Server Message Block (SMB) protocol, which is used for file-sharing purposes. The exploits work by remotely triggering the OS to execute code, which can be used to install other malware.<\/p>\n

Companies saddled with older Windows Server machines can still protect themselves. Williams suggests they go beyond putting vulnerable servers behind a firewall, and use a tactic called network segmentation.<\/p>\n

This can involve restricting access to your most critical servers, and ensuring only system admins can control them. \u201cSo instead of giving 20,000 people in a company access, you can cut that number down to 20,\u201d Williams said.<\/p>\n

Thus, if hackers ever do breach the firewall, they\u2019ll have access to a smaller segment of the corporate network.<\/p>\n

Network segmentation also doesn\u2019t cost a lot of money. Enterprise internet routers often contain access control features that can limit which computers can talk to what, Williams said.<\/p>\n

Businesses should also consider monitoring the vulnerable servers, or at least the ones carrying critical information. Any unusual data traffic moving through them is probably a sign they\u2019ve been hacked, he said.<\/p>\n

To keep malicious activity out of vulnerable systems, application whitelisting<\/a> can also be used, said Jason Leitner, president of Below0Day, an IT security provider.<\/p>\n

Whitelisting works by allowing only trusted applications to run on a computer. It\u2019s the opposite approach of antivirus products, which essentially blacklists malicious programs based on known indicators.<\/p>\n

Businesses can also create backups of any sensitive data stored in these machines. One malicious threat that\u2019s been growing in recent years has been ransomware<\/a>. It works by infecting a computer, and encrypting all the data inside. To free the machine, victims have to pay a ransom, usually in bitcoin.<\/p>\n

However, even with these safeguards, the best solution to protecting a vulnerable Windows Server system is to upgrade, according to security experts.<\/p>\n

Although it might be costly in the short term, the investment can help businesses avoid a disastrous data breach. Tiago Henriques, CEO of security firm BinaryEdge, encourages businesses to calculate which is higher: \u201cThe cost of buying the upgrade or the damage to their brand and their clients if they get hacked?\u201d<\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Michael Kan| Date: Wed, 26 Apr 2017 04:01:00 -0700<\/strong><\/p>\n

\n
\n

If you’re running a Windows Server 2003 machine, you have a problem.\u00a0Your already-vulnerable computer is now at severe risk of being hacked.<\/p>\n

That’s due to the internet release earlier this month of a batch of updates that\u00a0paint a bull’s-eye\u00a0on computers running Windows Server 2003, according to security researchers.<\/p>\n

\u201cI can teach my mom how to use some of these exploits,\u201d said Jake Williams, founder of Rendition Infosec, a security provider. \u201cThey are not very complicated at all.\u201d<\/p>\n

Experts are urging affected businesses to upgrade to the latest Windows OSes, which offer security patches<\/a> that can address the threat.<\/p>\n

To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[11072,714,12097,10761],"class_list":["post-7448","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-cybercrime-hacking","tag-security","tag-servers","tag-windows-10"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7448","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7448"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7448\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7448"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7448"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7448"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}