
Infosecurity

Cyber Attacks to Spark Political Shifts and Global Disruption in 2017: Expert Forecasts

As the holiday season winds down and the world turns its attention to a fresh year, cybersecurity experts are sounding alarms about a troubling trend: cyber attacks are poised to drive political shifts and widespread disruption in 2017. While many people focus on New Year’s resolutions, the security community is bracing for an escalating wave of nation-state cyber espionage aimed at destabilising governments and influencing elections.

Specialists from Mimecast have warned that state-sponsored operatives will increasingly rely on cyber espionage to achieve political objectives and economic advantages. This includes email hacking, disclosure of intercepted communications, and interference with critical national infrastructure.

How Nation-State Cyber Attacks Will Reshape Politics

According to Peter Bauer, CEO and co-founder of Mimecast, the coming year will see a sharp rise in attacks designed to cause political disruption. “This will involve, but will not be limited to, email hacking and disclosure of other forms of intercepted private communications, disruption of and interference with critical national infrastructures,” he stated.

2016 already demonstrated the power of cyber attacks in the political arena. Alleged Russian-backed intrusions made headlines during the US presidential election, revealing how easily digital tools can sway public opinion and create chaos. Matthew Gardiner, Mimecast’s cybersecurity strategist, argues that nation-state attacks are now a fixture of modern geopolitics.

“The digital world is really the perfect venue for this as one can do it secretly and if you get caught you just deny it and no arrests are ever made, and to boot, it is much cheaper to conduct cyber espionage than using other traditional methods,” Gardiner explained. “Now that the methods have matured it has proven to work in the military domain, so it only makes logical sense to extend that to trying to impact the politics of your adversaries.”

Election Interference and Critical Infrastructure Under Threat

Election systems remain a prime target. Avi Chesla, CEO and founder of empow, emphasised that governments must act swiftly. “In the past, companies that oversee voting systems and venues were traditionally more focused on aspects of physical security, such as ensuring the integrity of the voter registration process and the confidentiality of the vote. From now on, they will need to invest much more in cybersecurity.”

He added that legislation must classify voting infrastructure as critical, similar to power grids or water systems. International collaboration and proactive defense measures will also be essential to counter these threats.

Meanwhile, other predictions for 2017 point to ransomware becoming even more prevalent, along with poor routine IT practices leaving organisations vulnerable. However, the most alarming forecast remains the weaponisation of cyber attacks for political gain.

What This Means for Businesses and Governments

For organisations, the implications are clear: cybersecurity can no longer be an afterthought. Companies must adopt advanced threat detection, employee training, and incident response plans. Governments, in turn, need to enforce stricter regulations and share threat intelligence across borders.

Furthermore, the rise of nation-state cyber espionage demands a shift in mindset. As Gardiner noted, traditional spying has been a staple of international relations for centuries—cyber is simply the new frontier.

In conclusion, 2017 will likely be a year of heightened tension in cyberspace, with cyber attacks causing political shifts that could reshape global alliances. The question is not whether these attacks will occur, but how prepared we are to respond.


Why Poor IT Practices Remain the Biggest Threat to Business Security


As the holiday season wraps up and companies set their sights on a fresh year, cybersecurity experts are sounding a familiar alarm. The biggest danger to businesses isn’t a sophisticated new hacking tool or a cunning insider threat. Instead, poor IT practices will cause most avoidable harm to organizations in 2025, according to specialists at Fujitsu. This blunt assessment challenges the common narrative that advanced cyberattacks are the primary concern. In reality, many companies are failing at the basics.

The Housekeeping Gap: Why Basic IT Security Fails

Many cybersecurity problems don’t stem from ingenious attack techniques. They arise because organizations neglect essential maintenance tasks. Mark Stollery, managing consultant for enterprise and cyber security at Fujitsu, explains that businesses often skip vital steps. These include effective vulnerability patching, proper threat intelligence, and access management systems that reflect only current users. Additionally, many fail to implement ‘least privilege’ access or act on penetration test recommendations.

This pattern of neglect leaves data-rich organizations needlessly vulnerable. Without these housekeeping basics, companies expose themselves to data loss, theft, or external system disruption. As a result, the majority of headline-grabbing breaches in 2025 will be entirely avoidable. This means that poor IT practices are not just a minor inconvenience—they are a direct path to significant financial and reputational damage.

Common IT Security Failures That Lead to Breaches

Vulnerability Patching Delays

One of the most critical yet overlooked tasks is timely vulnerability patching. When software vendors release security updates, organizations often delay installation. This creates a window of opportunity for attackers to exploit known weaknesses. In addition, many IT teams prioritize new features over security fixes, leaving systems exposed for months.

Access Management Weaknesses

Another common issue is poor access management. Companies frequently maintain user accounts for former employees or contractors. This means that unauthorized individuals retain access to sensitive data. Furthermore, the principle of ‘least privilege’—giving users only the access they need—is rarely enforced. This amplifies the risk of internal and external data theft.

Ignoring Penetration Test Results

Penetration tests are designed to uncover vulnerabilities, but many organizations fail to act on their findings. Instead of treating these reports as urgent action items, they file them away. This means that identified weaknesses remain unaddressed, making future breaches predictable.

How to Prevent Avoidable Cyber Harm

So, what can businesses do to avoid becoming a statistic? The solution lies in returning to fundamentals. First, establish a routine patching schedule that prioritizes critical updates. Second, implement a robust access management system that regularly reviews user permissions. Third, treat penetration test recommendations as mandatory tasks with clear deadlines.

In addition, companies should invest in employee training. Many breaches occur because staff members fall for phishing scams or mishandle sensitive data. By fostering a culture of security awareness, organizations can reduce human error.

Finally, consider adopting a proactive approach to threat intelligence. Instead of reacting to incidents, monitor emerging threats and adjust defenses accordingly. This shift from reactive to preventive security can significantly reduce risk.

The Bottom Line: Basics Matter Most

The cybersecurity industry often focuses on cutting-edge technologies and complex attack vectors. However, the evidence shows that poor IT practices will cause most avoidable harm to businesses. By addressing these foundational issues, companies can protect their data, reputation, and bottom line. As you plan your security strategy for the coming year, remember that sometimes the simplest solutions are the most effective. Don’t let basic housekeeping failures be your downfall.


What to Expect in Cybersecurity for 2017: Ransomware, Politics, and Shifting Defenses


The holiday season often brings a sense of renewal, but for cybersecurity professionals, the new year signals fresh challenges. As 2016 fades into memory—a year marked by high-profile breaches and the dominance of ransomware—the question on everyone’s mind is: what lies ahead in 2017? This article delves into the key cybersecurity predictions for 2017, examining how ransomware will evolve, the role of political hacking, and the steps enterprises must take to stay secure.

Ransomware: From Mass Attacks to Targeted Extortion

Ransomware dominated headlines in 2016, and experts agree it will only grow more sophisticated. According to Bitdefender, cybercriminals are investing in automated targeting to distinguish between home users and corporations. This shift allows attackers to demand higher ransoms from businesses, knowing they are more likely to pay to regain critical data.

Catalin Cosoi, chief security strategist at Bitdefender, explains that refining ransomware to target specific groups will dramatically increase success rates. Attackers can craft convincing spear-phishing messages, driving record-breaking open rates. Once inside a corporate network, they can customize ransom demands based on the victim’s data value. This means that ransomware trends in 2017 will likely include more personalized and aggressive extortion tactics.

Similarly, Cyber adAPT warns that ransomware could “spin out of control” in the coming year. Citing Symantec’s Security Threat Report, which found over 4,000 ransomware attacks per day in 2016—a 300% increase from 2015—the firm emphasizes that traditional defenses like firewalls and antivirus software are insufficient. Scott Millis, CTO of Cyber adAPT, argues that detection and incident response must improve to combat this rising tide.

Political Hacking and Disruption: A Growing Concern

Beyond ransomware, political hacking is expected to escalate in 2017. The previous year saw state-sponsored attacks and election interference, setting a precedent for further disruption. Experts predict that hacktivist groups and nation-state actors will target critical infrastructure, government systems, and political campaigns.

This trend underscores the need for robust security protocols in public and private sectors. Enterprises should expect increased scrutiny of their supply chains and third-party vendors, as attackers exploit weaker links.

The Role of Poor Routine IT Practices

Another key prediction for 2017 is the continued fallout from poor routine IT practices. Many breaches stem from basic oversights: unpatched software, weak passwords, and inadequate employee training. As attackers become more sophisticated, these vulnerabilities become easier to exploit.

Security awareness training will be critical. Companies must move beyond compliance-driven approaches and foster a culture of vigilance. Social engineering attacks, often delivered via social networks, target specific individuals to gain access to sensitive data. Without comprehensive education, ransomware and other threats will continue to affect organizations.

CIOs Reclaiming Ownership of Data Initiatives

On a positive note, 2017 may see Chief Information Officers (CIOs) reclaiming ownership of data initiatives. In recent years, data strategy has often been fragmented across departments, leading to inconsistent security policies. As threats multiply, CIOs are stepping up to centralize governance and invest in proactive defenses.

This shift could lead to better integration of security into business processes. For example, implementing data loss prevention strategies can help organizations monitor and protect sensitive information across networks. By taking a leadership role, CIOs can ensure that security is not an afterthought but a core component of digital transformation.

Hope on the Horizon: Collaborative Defense Efforts

Despite the grim outlook, there is reason for optimism. Initiatives like the No More Ransom! project, which provides decryption tools for victims, are gaining traction. Law enforcement agencies are also collaborating more closely with the security industry to disrupt criminal networks.

Raj Samani, CTO EMEA at Intel Security, predicts that these efforts will reduce the volume and effectiveness of ransomware by the end of 2017. While pioneer groups like CryptoLocker and CryptoWall may persist, smaller players are expected to abandon ransomware as defenses improve. This collaborative approach could shift the balance in favor of defenders.

Conclusion: Preparing for a Turbulent Year

In summary, cybersecurity predictions for 2017 paint a picture of evolving threats and emerging defenses. Ransomware will become more targeted, political hacking will intensify, and poor IT practices will remain a liability. However, with CIOs taking charge and industry collaboration expanding, organizations can mitigate risks. The key is to stay informed, invest in proactive measures, and foster a security-first culture. As the new year unfolds, vigilance will be the best defense.


Inside the Dark Web Trade in Compromised Remote Desktop Services


A thriving underground economy exists on dark web forums where cybercriminals buy and sell access to compromised Remote Desktop Services. Recent investigations, including one by Fujitsu CTI, reveal a sophisticated marketplace that puts thousands of poorly secured servers at risk. Understanding this ecosystem is the first step in protecting your organization from becoming another listing.

How Cybercriminals Profit from Compromised Remote Desktop Services

The marketplace for compromised remote desktop services operates with alarming efficiency. One prominent example is the now-closed xdedic.biz, which offered device access through custom malware. A successor platform, Ultimate Anonymous Services (UAS), runs on both the dark web and the clear web, selling compromised servers to anonymous buyers.

Prices vary based on specifications like RAM, bandwidth, and geographic location. For as little as $14, a buyer can gain access to a server running Windows Server 2012 or Windows 10. The UAS RDP team alone claims to offer nearly 30,000 compromised RDS clients. This scale demonstrates the immense vulnerability of internet-facing systems.

The Global Reach of RDP Exploitation

These compromised remote desktop services are not limited by borders. Listings include options for location and administrative privileges. Gaining admin rights on a compromised device allows attackers to move laterally within a network—a tactic seen in major breaches like the OPM hack, which triggered a US government investigation.

Fujitsu CTI identified a brute force tool that targets poorly configured servers directly exposed to the internet. This tool automates the attack process, scanning for weak credentials and exploiting them. The result is a steady supply of compromised machines for sale.

Similarities Between UAS and xdedic

The operational similarities between UAS and xdedic are striking. Both platforms use custom malware to maintain access and provide instructions for hiding administrative accounts on compromised servers. These instructions reveal a deep understanding of Windows OS, enabling criminals to evade detection by system administrators.

This level of technical detail is key to building customer loyalty and repeat business. It also underscores the competition that defensive teams face. Some knowledgeable IT professionals are now working for criminal groups, drawn by the potential rewards.

Defending Against the RDP Threat

To protect against the sale and use of compromised remote desktop services, system administrators must take proactive steps. First, apply strict security protocols to any server exposed to the internet. Ensure that remote desktops have strong password policies, multi-factor authentication, and limited access.

Second, monitor for brute force attacks. The sheer volume of compromised devices on UAS proves that attackers are actively scanning for weak points. Implement threat intelligence systems to detect unusual login patterns.

Third, educate employees about the risks of remote access. A strong security awareness program can prevent credential theft and social engineering attacks.
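
One way to implement the "monitor for brute force attacks" and "unusual login patterns" steps above, as an added example that is not from the original article or from Fujitsu CTI: it flags a burst of failed remote logons from one source and, more urgently, a successful logon that follows such a burst. The CSV layout, the sample events, the threshold and the time window are all assumptions made for this illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export: timestamp, event ID, logon type, source IP, account.
# 4625 = failed logon, 4624 = successful logon. Logon type 10 is RemoteInteractive
# (RDP); with Network Level Authentication, RDP failures are logged as type 3.
SAMPLE_EVENTS = """\
2024-03-04T02:14:01,4625,3,203.0.113.50,administrator
2024-03-04T02:14:03,4625,3,203.0.113.50,administrator
2024-03-04T02:14:05,4625,3,203.0.113.50,admin
2024-03-04T02:14:08,4625,3,203.0.113.50,admin
2024-03-04T02:14:10,4625,3,203.0.113.50,backup
2024-03-04T02:14:15,4625,3,203.0.113.50,backup
2024-03-04T02:14:40,4624,10,203.0.113.50,backup
2024-03-04T08:30:11,4625,10,198.51.100.7,jsmith
2024-03-04T08:30:25,4625,10,198.51.100.7,jsmith
2024-03-04T08:30:41,4624,10,198.51.100.7,jsmith
2024-03-04T09:00:00,4625,2,-,localuser
"""

RDP_LOGON_TYPES = {"3", "10"}  # type 2 (console) and others are ignored


def parse(text):
    """Yield (time, event_id, source_ip, account) for remote logon events only."""
    for line in text.strip().splitlines():
        ts, event_id, logon_type, ip, account = line.split(",")
        if logon_type in RDP_LOGON_TYPES:
            yield datetime.fromisoformat(ts), event_id, ip, account.lower()


def detect(text, threshold=5, window=timedelta(minutes=2)):
    """Alert on failure bursts per source IP and on a success right after one."""
    failures = defaultdict(deque)  # source IP -> (time, account) of recent failures
    last_burst = {}                # source IP -> time the burst was last seen
    alerts = []
    for ts, event_id, ip, account in sorted(parse(text)):
        recent = failures[ip]
        while recent and ts - recent[0][0] > window:
            recent.popleft()       # drop failures that fell out of the window
        if event_id == "4625":
            recent.append((ts, account))
            if len(recent) >= threshold:
                if ip not in last_burst:  # one alert per source, not per attempt
                    tried = sorted({a for _, a in recent})
                    alerts.append(("BRUTE_FORCE", ip, tried))
                last_burst[ip] = ts
        elif event_id == "4624" and ts - last_burst.get(ip, datetime.min) <= window:
            # A logon that succeeds straight after a burst suggests a guessed password.
            alerts.append(("SUCCESS_AFTER_BURST", ip, [account]))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Logon type 3 also covers SMB and other network logons, so on a busy server the threshold needs tuning against normal failure rates before alerts are routed to a person.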

Why This Market Matters for Your Organization

The trade in compromised remote desktop services is a clear indicator that complacency is no longer an option. Cybercriminal networks are organized, well-funded, and technically skilled. They exploit the weakest links—often exposed RDP ports with default or weak passwords.

Organizations must make security a boardroom priority. Combining effective threat intelligence, incident response planning, and security education can disrupt these criminal operations. Learn more about how Fujitsu’s ‘Secure Thinking’ approach can help protect your data assets by visiting our framework page.

As the digital landscape evolves, so do the threats. Staying informed and vigilant is the only way to stay ahead.
