They are called Slammer, Code Red, I love you, Sobig.F, MyDoom, Stuxnet, WannaCry or currently Emotet and are extremely dangerous: Viruses, worms and trojans are always roaming the net. This results in high losses for companies, public authorities and private users. These go into the billions and in more and more cases “ransom” is demanded for hijacked data. Currently, the malware Emotet is up to no good and lures unsuspecting users with supposed mails from friends, neighbours or colleagues. Emotet reads the contact relationships and e-mail content from the mailboxes of infected systems and thus ensures continuous self-dissemination at an alarmingly high speed. Particularly perfidious: once the computer is infected, Emotet reloads other malware, such as the banking trojan Trickbot.
Vulnerable Client-to-Site VPN in Enterprise IT
Once the trojan has settled on a computer, it is almost impossible to get rid of it. The economic damage caused by such an infection is as worrying as it is dizzying. This leads to complete production downtimes and the loss of important and sensitive data, which in turn causes further damage. The BSI warns that in just a few days thousands of new infected e-mail accounts have been reported to providers. The weak points in the enterprise IT are sufficiently well-known and could be eliminated by the introduction of the oneclick™ platform regarding digital workspaces immediately. Emotet attacks and exploits the weaknesses of the “old IT world”. Connections, such as Microsoft Exchange, terminal or RDS servers hanging openly on the internet, or especially the client-to-site VPN connections to the corporate network often used in the home office and field service, can be open entry points for malware attacks. In the case of Emotet, the BSI warns that all open networks and remote desktop protocols are considered vulnerabilities. The German Federal Office for Information Security (BSI) lists which measures you can take in the event of infection.
Trojan Emotet as GDPR shock
But the direct damage to the company’s IT is often not enough, which is bad enough in itself. The General Data Protection Regulation (GDPR), which came into force in May 2018, provides for penalties of up to EUR 20 million for inadequately secured company systems in the case of compromised personal data. This could have been achieved by a trojan like Emotet reading the e-mail and address book contents alone, as this was not prevented – if technically possible. With consideration of the measures recommended by the BSI and the use of oneclick™ there is a functioning solution which could have prevented the infestation by e.g. Emotet – a different argumentation might therefore become increasingly difficult for enterprises.
Hybrid Cloud Solution from oneclick™ is secure and available immediately
Throughout the hysteria surrounding Emotet, readily available cloud solutions such as the oneclick™ platform offer instant protection. Because oneclick™ no longer requires client-to-site VPN connections and the platform thus closes known gateway gates ad hoc, there is simply no point of attack for trojans. Streaming in the browser means that no end device can infect an application server because direct communication between the user and the target system can be completely ruled out. No matter if home office, external service provider or field service: This reliable protection is included in the oneclick™ system and therefore available for every user – and the best: the application deployment and the plus in security are immediately applicable.
We would be happy to advise you on how you can manage the conversion of your systems, save costs and time as well as access your data immediately and securely at any time. Or register for one of our special webinars!