
Ransomware Threat Vectors: The Danger of Open Ports

Mike Krass • Friday, May 27, 2022 • 10 minutes to listen


Transcript

Opening

Welcome everybody to What's the Problem, the show that explores problems that buyers, practitioners, business folks, operators, sales and marketing people, and anybody in the realm of cybersecurity faces in today’s world.

Today, we are very fortunate to have Ravina Joshi joining us.

Conversation

Mike Krass: Ravina, say hello to our listeners.

Ravina Joshi: Hello, everyone. It's so great to be here. Thanks, Mike, for inviting me to your show.

Mike Krass: Absolutely! Our listeners know how we do this; we get right into it. So question number one, tell me why you're qualified and tell our listeners why you're qualified to talk about security.

Ravina Joshi: I have been in the IT industry for six years. I moved towards cybersecurity in the past three years because I have always been passionate about computers, technologies, data, and security. And currently, I'm working as a cybersecurity consultant, and I work mainly on the security assessment of the applications and network infrastructure.

I always feel good about my work, knowing that I'm helping people by securing their data and protecting their privacy. And also, I have completed a post-graduation degree in information security. I have certifications in Certified Ethical Hacker from EC Council, ISO 27001 lead auditor, and Google Cloud Associate Engineer certificates. So that's why I think of myself as qualified to discuss security.

Mike Krass: I can see your office now. There are just all these framed certificates of all this work that you've worked hard to earn. I can picture it now. Well, question number two, we keep the train moving here. I know there are a lot of problems in the world of cybersecurity. Name one problem that you'd like to explore with our listeners today.

Ravina Joshi: According to me and in today's world, the major problem is that security practitioners face ransomware attacks. As per Gartner's latest cybersecurity report, the ransomware attack is one of the most increasingly common cybersecurity issues.

Mike Krass: That is a very popular topic. What about ransomware? What do people not pay attention to that could be a threat factor that could be dangerous for their organization?

Ravina Joshi: It can be very dangerous for the organization. You may be well aware of the attack that happened in 2017, which was the WannaCry ransomware attack, which cost around $100 billion to the organization, and there was a loss of reputation as well as the financial stability of many vendors as well as companies.

Mike Krass: What is something within WannaCry that led to that 100 billion dollar damage? What is something that you think people aren't thinking about too much that led that event to happen and be as catastrophic as it was?

Ravina Joshi: There are various reasons for these attacks, such as it got spread through phishing emails, and also through open ports, which I think are most insecure, and that were left open by organizations and are left open intentionally as well as unintentionally. The open ports played a major role in executing this WannaCry ransomware attack successfully.

Mike Krass: Tell me about the unintentional open ports. What was your understanding of WannaCry and that ransomware event with the unintentionally left open ports?

Ravina Joshi: I just want to discuss open ports first. It refers to the TCP or UDP port number that actively accepts the packets. In other words, it is a system behind every receiving communication system. They can also provide a pathway for attackers to the applications listening on that port, as we know that some ports are not intended to be exposed publicly. For example, the Server Message Block protocol operates over TCP ports, which are left open by default in Windows machines because they are responsible for file sharing, printer sharing, and remote administration.

There are already various vulnerabilities that were detected in SMB's previous versions. And it was then exploited by attackers in the WannaCry ransomware attack, so computers that were infected with WannaCry were accepting traffic on SMB ports. So that was the reason behind this successful attack. It is always recommended to block all the versions of SMB by blocking the TCP port and related UDP port.

Mike Krass: And that was going to be my next question. What's recommended? You already gave one recommendation. I think we were queuing up a second one, weren't you?

Ravina Joshi: It is also recommended to use SMB within the organization, which means internal to the organization. It should not be allowed beyond the corporate network because within the organization, employees can use it for file sharing, printer sharing, or remote administration.

Mike Krass: Well, that's a great example of not just ransomware. But the importance of open ports, whether it's intentional or unintentional, has a pretty big consequence on the organization. I know you'd referenced that 100 billion dollar number. But that's an incredible amount of damage to sift through at the end of the day over some ports that might not have even been intended to be open.

Now that I'm sufficiently terrified of all of our ports within our organization, I will talk to our information technology and information security team. I think it's time to end with some fun here. Ravina, would you tell our listeners about a terrible haircut you had in the past?

Ravina Joshi: Well, till high school, I had very long hair. They were below my waist, thick and lustrous. I was very proud of my hair, but one fine day, I decided to get a nice haircut. And that is the worst decision I have ever made. I went to a local hair salon in my city. And I told her to chop my hair a little just to give them a proper shape. I did not want the length to be short, so that's what I told her. But she thought I wanted them to be cut very short. There was a misunderstanding and it was very crowded that day.

She started chopping from the top. She ran the first scissor beside my ear. Before I could speak anything, she had almost cut the very first layer already. And then she said she got some misunderstanding. And to cover that up, she tried to give a bob cut, which also failed miserably. It was embarrassing for me to go out to my classes or attend any family function because everyone was asking the same question: What happened to your hair? You had such long hair. Why did you cut them so short like a boy? I had no answer, so I chose to stay quiet for all hair-related questions, at least for two or three years.

Mike Krass: You're sequestered for two or three years, just away from everybody. Oh my gosh!

Ravina Joshi: Yeah, I'd like to get the length until my shoulder.

Mike Krass: We appreciate you bringing some of your expertise as an active security practitioner to this podcast and being a little bit vulnerable and talking about having your hair cut so short that folks didn't even recognize it anymore. If you would be so kind, wave and say goodbye to all the listeners.

Ravina Joshi: Goodbye, everyone. Thank you so much, and thanks to Mike for having me.

Mike Krass: You're very welcome. And to our listeners, thank you for listening to What's the Problem, the show that explores problems that buyers, practitioners, leaders, operators, and folks who are involved actively in the world of cybersecurity face in today's world.

Ravina Joshi

Ravina Joshi brings more than 5 years of experience working in the Information Security field across Financial Services, Telecom and other High Tech companies. She is well versed in the concepts of Web Application Security, Web Architecture, Penetration Testing, Vulnerability Management, Active Directory, Vulnerability Assessment, Threat and Risk Assessment, and Information Security Assurance (to name a few).
