Companies around the world have found, or are finding, the need to send their workers home to prevent the spread of the novel coronavirus. For many business owners, managing staff remotely is a brand new paradigm. Here’s what you need to know.
RANSOMWARE - WannaCry
Last Friday a new malware worm was released based on the leaked NSA exploits from earlier this year. This paired the cryptolocker variants with a way to automatically spread itself on an infected network and hold personal & business files hostage until a bounty is paid. This attack has been so damaging that Microsoft has issued special patches for legacy operating systems including Windows XP & Server 2003. Going forward, however, this is not guaranteed, so please reach out to ZR Systems if you still have legacy systems running so we can work on a migration path for you.
As ZR Systems Managed customers, we are pleased to let you know that we have had zero security incidents as a result of this attack. We work to protect you on multiple fronts depending on the technology you have chosen to utilize:
SonicWall Gateway Protection – Customers with active subscriptions or on the ZR Systems Firewall as a Service program have been protected at the gateway since mid-April. For additional information on how SonicWall identified the issue, you can check out their blog.
Fortinet Gateway Protection – Customers with active Fortinet subscriptions have also been protected as of last week’s security update.
Webroot SecureAnywhere Antivirus – Every endpoint (Servers & Workstations) managed by ZR Systems has Webroot SecureAnywhere installed, which utilizes a scanning engine that captures new variants in real time before they spread across your network.
Proactive System Patching – Patches are installed weekly for all systems under management, and monitored regularly by our Network Operations Center. The vulnerability used by this attack was patched by Microsoft back in March and was pushed out to all of our agents. Below are our global compliance statistics for our client base.
System Backups – The last line of defense against these types of attacks is backups. ZR Systems works with every client to make sure they have backup technologies in use to ensure we can recover files, system data, and applications. There is also a premium service available that can run your systems on premise or in the cloud in case of any issues that arise.
Please be advised that even with all of these in place, you and your staff are the most important line of defense in securing your business from threats like WannaCry. If you have any questions about a suspicious e-mail or website, please contact our Help Desk at (808) 369-1000.
Additional References:
http://www.telegraph.co.uk/news/2017/05/12/nhs-hit-major-cyber-attack-hackers-demanding-ransom/
http://www.npr.org/sections/thetwo-way/2017/05/15/528451534/wannacry-ransomware-what-we-know-monday
Thanks to one of Google’s researchers with the Zero Day Project, it has been discovered that LastPass has a major vulnerability as a result of a major architectural problem. This news comes on the heels of many other flaws the same researcher discovered within LastPass. However, based on what the researcher claims, these vulnerabilities were much less serious than his latest discovery.
Ransomware is a particularly nasty strain of malware that continues to pop up in unexpected forms. In the case of a new variant called Cerber, it targets users of Microsoft Outlook using a zero-day vulnerability via phishing messages. To make matters worse, Cerber can also utilize DDoS attacks, which is a major cause for concern.
If you panic in the event of a hacking attack, imagine how the National Security Agency (NSA) feels knowing that some of its exploits are for sale on the black market. While there isn’t any proof that the NSA has been breached, there’s evidence to suspect that their exploits are available for purchase on the black market. This means that a willing hacker could get their hands on government-grade hacking tools--a dangerous concept.
Microsoft recently issued security patches to fix 27 vulnerabilities, many of which are critical in nature. The vulnerabilities are significant, and popular titles like Windows, Microsoft Office, Internet Explorer, and the new Edge browser are affected. Microsoft users who ignore these security patches are putting their systems at unnecessary risk.
Last year, Microsoft pulled the plug on Windows XP’s support. Now, one year later, Windows Server 2003 is scheduled to meet its demise. If your servers are still running Windows Server 2003 as their operating system, it’s important to upgrade before the end of support date of July 14th. Otherwise, you could be running a server operating system without necessary patches and security updates.
For those of you who don’t yet have Windows 10, don’t panic. It’s not going anywhere, and you’ll get it soon enough. In the meantime, it’s important that you don’t get impatient and hastily open suspicious emails containing what appears to be a launcher for your Windows 10 download. Hackers are using ransomware to extort money from unsuspecting users who just want their new operating system already.
There’s a wicked string of malware on the Internet that locks users out of their browser and directs them to call a phone number. That phone number reaches hackers who have set up a subterfuge as an IT support company. If this happens to you, even if you are in the middle of something important, do not call the phone number.
Modern ransomware is exceptionally dangerous, even by malware standards. Ransomware is capable of locking down important files on a victim’s computer, posing a massive threat to business professionals and their networks, as well as to the average PC user. While other types of ransomware like CryptoLocker and CryptoWall are somewhat manageable, a new variant called CryptoJoker makes it borderline impossible to recover your files.