A thread on the dark web from a hacker reveals that the said hacker has illicit access to more than 50 businesses in the US that employ Fortinet VPNs. This full access has been placed on the market at $7,500 causing quite a stir in the Cybersecurity circle.
For this reason, it can be stated that this unauthorized access is not restrictive to VPNs only. They also say they have access to RDP and administrators’ level to some of the targeted firms. Thus, in obtaining such access, the attacker might be able to run commands and introduce malicious software as well as acquire dangerous information affecting the involved entities.
Regarding this, it can be concluded that it is a sign that not only is the cyber criminal becoming more smarter, but also much more audacious as they offer forbidden access to the Denizens of the world. Therefore, the described event raises the concerns of the reliability of frequently used security systems and the importance of strong security measures.
As the situation is now deteriorating, the following measures should be taken as cybersecurity specialists report it. Based on the present security standard, VPNs should be audited and organizations are advised to verify their VPN setup. Thus, measures needs to be made to ensure that multi-factor authentication is put in place to reduce such incidences of people logging in the system without proper authority. Also, the traffic occurring in the company’s network is monitored quite closely and, if there is any trace of the hacking information that the hackers were intending to, it is detected. Another is also the knowledge with the current threat intelligence or the bare check on all the systems to ascertain that they have current patches.
The specialists from the sphere of cybersecurity also underlined the importance of the critical assessment of threats in the course of prevention and the elaboration of appropriate means for their overcoming. We have seen an increase in the cases of cyber threats and there is need to minimize risks to organizational systems and at the same time build confidence to the stakeholders.
It depicts the need for understanding the real cyber threat environment and the need to act to defend computers in the age of the internet reign.