Skip to content
Call: 1300 596 560
ITL-Coloured-H.png
  • Products
    CCare.png

    Comprehensive IT support and maintenance services to ensure smooth business operations.

    CPrivate_1.png

    Secure, private networking solutions tailored for your business's specific needs.

    CCloud.png

    Flexible cloud solutions for secure, scalable, and efficient data management.

    CNetwork.png

    Robust networking services to keep your business connected and efficient.

    CNBN.png

    High-speed NBN services to boost your internet connectivity and productivity.

    CVoice.png

    Advanced voice communication solutions to enhance your business communications.

    CPBX_1.png

    Innovative PBX systems providing reliable and scalable telecommunication solutions.

    Connect Web

    Enhance your online presence & streamline operations with our tailored web solutions!

    Our Products - Connect Cyber

    Protect your digital assets & safeguard your business online with our comprehensive cyber security services.

  • Services

    IT Support Services

    We offer tailored IT support customised to your business or enterprise needs & operations, ensuring optimal performance of your systems and infrastructure.

    Learn More

    Business IT Support

    Get specialised IT support for your business that ensures your technology aligns with your specific business goals, enhancing efficiency and productivity.

    IT Consulting

    Make informed decisions, implement effective strategies, and navigate complex landscapes with the help of our expert IT consultancy services!

    IT Procurement Services

    Let us assist you in acquiring the best tech solutions at competitive prices so that your business gets superior value, quality & performance.

    Managed IT Services

    Our innovative Managed IT Services drive business growth & scale with you! We work with you to understand your specific Managed IT needs, creating solutions that improve your IT infrastructure at a simple fixed monthly rate.

    Learn More

    Managed IT Support

    Experience hassle-free & cost-effective IT outsourcing to take the complexity out of IT management for your business.

    Managed Backups

    Safeguard your critical data, minimise downtime and ensure quick recovery when you need it, for total peace of mind and continuity.

    Managed IT License Management

    Streamline your IT lincense renewals and software license management to ensure compliance and optimised usage.

    Managed Firewall

    Fortify your network's security, protect against unauthorised access & evolving cyber threats for effective collaboration and operations.

    Microsoft 365

    Transform and modernise your workplace with our comprehensive M365 Solutions. Designed to foster collaboration, enhance flexibility & enable seamless connectivity from any location!

    Learn More

    Microsoft 365 Migration

    Seamlessly migrate to Microsoft 365 with our smooth transitioning process for minimal downtime.

    Microsoft 365 Backups

    Protect your critical M365 data with our robust backup solutions, ensuring data integrity and security.

    Email Signature Management

    Manage & unify your organisation's email signatures, reinforcing your professional brand identity.

    Microsoft Teams

    Achieve unparalleled team collaboration with Microsoft Teams for Business or Enterprise!

    Cyber Security Solutions

    In today’s ever-changing digital landscape, robust cyber security is essential. We develop tailored solutions that protect your business and safeguard sensitive customer information for confidence and peace of mind!

    Learn More

    Email Security

    Fortify your email communications to safeguard sensitive data and ensure uninterrupted business operations.

    Endpoint Security

    Enhance the security of your endpoints, from laptops to mobiles, ensuring compliance & threat protection.

    Cyber Security Training

    Empower your staff to proactively handle cyber threats & foster a culture of cyber awareness and preparedness.

    Essential 8 Simplified

    Implement a streamlined Essential 8 cyber strategy to effectively mitigate cyber risks in your business.

    Cyber Security Audits

    Conduct cyber audits to identify vulnerabilities, enhance security measures & ensure robust defences.

    Cloud Computing

    Reduce your IT infrastructure costs, increase operational efficiency and flexibility & improve the overall performance of your systems with our versatile and scalable cloud computing services for business and enterprise.

    Learn More

    Cloud Computing Services

    Enjoy fully scalable & versatile cloud computing services to drive business efficiency.

    Cloud Migration

    Our seamless migration services ensure a smooth transition and integration with your IT systems to the cloud.

    Cloud Backups

    Benefit from reliable cloud backup solutions to protect your critical data and client information.

    VoIP Telephony

    Our VOIP telephony solutions provide a cost-effective and flexible solution for businesses to communicate with their clients & employees. Enjoy greater mobility, scalability, and accessibility compared to traditional phone systems!

    Learn More

    VoIP Phone Systems

    Discover our state-of-the-art VoIP phone systems for superior communications.

    Remote Workplace Solutions

    Explore our innovative IT solutions to support efficient remote work environments & hybrid teams.

  • Industries

    Transportation

    Specialised IT solutions for the transportation sector.

    Learn More

    Professional Services

    Tailored IT services for professional service providers.

    Learn More

    Education & Government

    Specialised IT services for educational institutions and government bodies.

    Learn More

    Healthcare & Aged Care

    Custom IT solutions for healthcare and aged care facilities.

    Learn More

    Manufacturing

    Advanced IT solutions to streamline manufacturing processes.

    Learn More

    Mining & Resources

    Robust IT solutions for the mining and resources industry.

    Learn More

    Retail Industry

    Explore our innovative IT solutions for the retail industry.

    Learn More
  • Resources

    New User Form

    Do you need assistance with setting up a new user? Complete our new user form.

    New User Form

    Exit User Form

    Need help with an urgent IT issue? Complete our exit user form here.

    Exit User Form

    Blog

    Stay ahead in the digital world with our latest blogs. Get expert insights on evolving IT advancements or tips for seamless business IT operations!

    Read The Blog

    Case Studies

    Discover the success stories of IT Leaders’ clients and unlock the secrets to seamless IT support, managed services, cloud computing & VoIP telephony!

    Discover Our Case Studies
  • About

    About Us

    Learn more about IT Leaders, our values, team, and our expert services!

    Learn More

    Get Support

    Lodge a support ticket & we will get back to you as soon as possible!

    Get Support

    Technical Capability Summary

    Discover IT Leaders’ range of technical capabilities as a leading Australian IT solutions provider and MSP!

    Learn More

    Careers

    Discover the opportunities to join our team!

    Explore

    Our Team

    Do you need assistance with setting up a new user? Complete our new user form.

    Learn More

    Our Partners

    Gold Coast IT Services that will help your business optimise and grow as fast as you grow.

    Learn More

    Testimonials

    Do you need assistance with archiving your email? Complete our exit user form.

    View Testimonials
  • Contact
Call: 1300 596 560

4 Signs You’re Under Attack From Ransomware

  • November 23, 2020

You might have heard a lot about ransomware recently…

This is a computer attack where you are shut out of your systems and data by a hacker. And you’ve got to pay a fee, typically in Bitcoin, to get entry again. Although it’s not a new offence, it’s one of the fastest growing online crimes. Because it’s so lucrative for the perpetrators. And thanks to Covid and working from home, more and more corporations are unwittingly opening up to the danger.

In fact, it is reported that there are more than a hundred calls to insurers per day relating to ransomware-related issues.

Scary.

So, unless you take the appropriate steps, your company will become a victim at some point.

But how do you know that you’re not under attack already?

There’s something most people don’t know about ransomware.

If a hacker has access to your systems now, they’re not going to initiate the attack right away. It will take between 60 and 100 days-if not longer-from the moment you have been violated to the delivery of ransomware. So, you might already have unwelcome guests hidden in your network. Now that’s a scary idea.

You may be curious why these cyber criminals take such a long time launching their attacks. They spend weeks or more just skulking around, investigating the network for vulnerabilities, and looking for just the right moment to maximise their profits. Not just that, but bizarrely, the longer they take, the tougher it’s for you to find them.

And how do you know if you are under attack? And if you are, what do you do?

Here are 4 of the best ways for you (or preferably your IT service partner) to check that your network is safe and secure.

We must tell you about some specific technical things and software that can be signs of an impending attack.

1. Check for open RDP links

What is an RDP link and how do you open or close it?

We don’t want to get too tech here, so to put it simply, the RDP (or Remote Desktop Protocol) is a Microsoft technology that allows a local computer to connect to and control a remote PC over a network or the Internet. You’re probably using this kind of thing if you’ve had any of your people working from home this year, because it makes remote access a lot easier.

But RDP links left open to the Internet are a very common way for cyber criminals to enter your network. Scan for open RDP ports on a regular basis and use multi-factor authentication for your links (multi-factor authentication is where you generate a code on a separate device to prove that it’`s you).

Or use them with a VPN (Virtual Private Network) that allows you a private network from a public internet connection. It’s just a technical work to do. Your IT service company should be able to do this for you.

2. Look for unexpected software

One of the techniques used by ransomware gangs to gain control of the device is certain software tools. It’s critical that you use a network scanner to verify exactly what’s going on and who’s running it.

Many cyber criminals would take care of only one PC first, maybe using a phishing email to force someone to click on the wrong connection without realising it.

Once they have control over one PC, they will attack the whole network. Often methods like AngryIP or Advanced Port Scanner are used to do this. Check the network for resources like this. If they’re present and your IT people haven’t built them, you might have a dilemma. Criminals also use software to steal your passwords and login your credentials. Software such as Mimikatz and Microsoft Process Explorer.

If you discover something unfamiliar somewhere in your system, get in touch immediately with your IT support partner who will investigate further.

3. Monitor your administrators

Your network administrators typically have the authority to download software to the network. So, what’s the safest way for hackers to download the software that they need? They’re making a new administrator account for themselves. Then they can download any resources they need to hack the network.

You need to be aware of programs such as Process Hacker, IOBit Uninstaller, GMER and PCHunter. These are all legal resources that could be used by any IT specialist. Yet they can be dangerous in the wrong hands. And hackers may use it to disable the security software.

4. Check for disabled tools and software

When cyber criminals have administrator privileges, they will find and deactivate the security devices. You can say that the attack is close to beginning when something called Active Directory and your domain controllers are disabled.

Next, all backup data discovered by the offenders will be compromised. And any systems that automatically deploy software will also be disabled to avoid attempting to upgrade the computers after an attack. Then something called PowerShell will be used to spread everything across your network.

It’s worth remembering that all of this is going to be done slowly. Your hackers are going to take their time, because that makes it much harder to detect them. Many security tools only record traffic for a specified period of time, and are then reset. This ensures that no data is stored on the entry. Which disguises the attack until it’s ready to start.

Once an attack has been launched and your data kept to ransom, most of the time there’s little you can do other than try to restore backups. Or pay for the ransom. Hackers have usually been so thorough in their preparation that even the best IT security specialists have few options open to them.

So, once you’ve found that something might be wrong, what can you do to stop the attack from starting?

The most important step is to regain control of your RDP sessions – remember, the remote access we mentioned earlier. This is going to stop the attackers coming in again. And they’re also going to cut off their control access.

You can force a change of password across your core systems, which will also throw out your attackers. It is worth noting, however, that this is useless if your access to the RDP is not cut off and controlled, as the attackers will just re-enter.

Monitor the administrator accounts. This might sound like a simple step, but you’d be surprised how often it’s neglected. You should also monitor and limit who can use PowerShell within your organisation. Without getting into the details of what PowerShell is; just know it’s a powerful tool that you don’t want the wrong people to play with.

Keep all the software and security patched and updated. It’s very tempting to click on updates later. But saving a little time right now is not worth the massive amount of time and money you’re going to waste if you’re going to be the victim of a ransomware attack. Implement multi-factor authentication across all of your applications, if you haven’t already done so. This adds another level of security to your network and helps prevent unauthorised access.

Finally, set up your protection from the ground up to ensure that any member of staff in the whole company – from the CEO to the entry level worker – has frequent security training. If everybody is aware of the threats and how to prevent them, they could stop a possible attack in their tracks. Because this is such a highly technical subject, it’s not something that you or your team should tackle on their own. You need IT security specialists to take preventive action and monitor your systems regularly for early signs of problems.

This is exactly what our team can do. We’re the experts that you can trust.
Let us look at your current data security arrangements and advise you about how to strengthen them. Trust us, you’re going to sleep a lot better at night.

Download Our Guide 4 Steps you are Under an Attack From Ransomware

Share It:

Read More IT Leader Articles
Loading...
laptop screen showing software updates
October 28, 2024

Windows 10 Countdown: Why It’s Time to Upgrade Your PC Today

Windows 10 has been a reliable companion, but its days are numbered. Come October 14, 2025, Microsoft will end support for it. That means...
Read More
someone using a laptop looking at an email
October 21, 2024

Six Signs of Business Email Compromise to Watch For

Table of Contents Business email compromise (BEC) attacks are the most common cyber threat that Australian businesses face. They’re also one of the most...
Read More
smart office trends
October 14, 2024

Boost Productivity: Top 6 Smart Office Trends You Need To Know

The office environment is experiencing a major overhaul. The days of drab cubicles and repetitive routines are behind us. Today’s smart offices are vibrant...
Read More
ITL-Coloured-WhiteSub-H.png

Professional IT Services that are optimised to change and grow as fast as your business!

Facebook Twitter Linkedin

Products

  • Connect Care
  • Connect Cloud
  • Connect NBN
  • Connect Network
  • Connect PBX
  • Connect Private
  • Connect Voice
  • Connect Web
  • Connect Cyber

Services

  • IT Support
  • Managed IT Services
  • Microsoft 365 Solutions
  • Cyber Security
  • Cloud Computing
  • Cloud Migration
  • Cloud Backup
  • VoIP Telephony

Support

  • Contact Us
  • New User Form
  • Exit User Form

Resources

  • Careers
  • Blog
  • Technical Capabilities

© 2025 IT Leaders

Terms & Conditions

Privacy Policy