CCB contacted its constituents with a specific security alert with the description, possible consequences and possible solutions of the vulnerability and threat.
Courses of Action:
- Always back up your configuration before doing an upgrade.
- Upgrade your devices immediately 'and monitor for any newly available patches for the DrayTek devices.
- After upgrading, do check that the web interface now shows the new firmware version.
- Check that no additional remote access profiles (VPN dial-in, teleworker or LAN to LAN) or admin users (for router admin) have been added.
- Check if any ACLs (Access Control Lists) have been altered.
- Disable the remote access on your router if you don’t need it.
- Disable remote access (admin) and SSL VPN. The ACL does not apply to SSL VPN connections (Port 443) so you should also temporarily disable SSL VPN until you have updated the firmware.
- Enable syslog logging for monitoring if there are abnormal events.
The CCB contacted and informed DrayTek. DrayTek did not respond.
Ransomware is on the rise.
Ransomware is a virus that is installed on a device without the owner's consent and demands a ransom in exchange for unlocking the device and files.
Anyone can fall victim to ransomware: private individuals, independent professionals, hospitals and even large companies and the government.
You can protect yourself against ransomware.
For every internet user:
For companies and organisations:
- The recommendations for every internet user are of course also important for companies and organisations, but we advise them to go a step further.
- For SMEs and the self-employed, Endpoint protection software may be sufficient. But for large companies, a specialized business anti-ransomware solution is recommended.
- Provide a business continuity and recovery plan with a tested backup system.
- Make sure your organisation is prepared for a cyber-attack. Check out our webinar.
- Have your IT security architecture & policy reviewed by a specialist (including policies on patching, user training, network segmentation, etc.).
- Work on a cybersecurity strategy. Read how to do this here.
Private individuals can find all the tips they need to protect themselves against ransomware at www.safeonweb.be.
Organisations and companies can visit www.CERT.be. We published the white paper 'ransomware: protection and prevention' in September 2019. This whitepaper was updated in 2020.