Companies around the world have or are finding the need to send their workers home to prevent the spread of the novel coronavirus. For many business owners, managing your staff remotely is a brand new paradigm. Here’s what you need to know.
Companies around the world have or are finding the need to send their workers home to prevent the spread of the novel coronavirus. For many business owners, managing your staff remotely is a brand new paradigm. Here’s what you need to know.
RANSOMWARE - WannaCry
Last Friday a new malware worm was released based on the leaked NSA exploits from earlier this year. This paired the cryptolocker variants with a way to automatically spread itself on an infected network and hold personal & business files hostage until a bounty is paid. This attack has been so damaging, that Microsoft has issued special patches for legacy operating systems including Windows XP & Server 2003. Going forward this is not guaranteed however, so please reach out to ZR Systems if you still have legacy systems running so we can work on a migration path for you. As ZR Systems Managed customers, we are pleased to let you know that we have had zero security incidences as a result of this attack. We work to protect you on multiple fronts depending on the technology you have chosen to utilize: Sonicwall Gateway Protection – Customers with active subscriptions or on ZR Systems Firewall as a Service program have been protected at the gateway since mid April. For additional information on how sonicwall identified the issue, you can checkout their blog Fortinet Gateway Protection – Customers with active Fortinet subscriptions have also been protected as of last week’s security update. Webroot SecureAnywhere Antivirus – Every endpoint (Servers & Workstations) managed by ZR Systems has Webroot SecureAnywhere installed which utilizes a realtime scanning engine that captures new variants in real time before they spread across your network. Proactive System Patching – Patches are installed weekly for all systems under management, and monitored regularly by our Network Operations Center. The vulnerability used by this attack was patched by Microsoft back in March and was pushed out to all of our agents. Below is our global compliance statistics for our client base. System Backups – The last line of defense against these types of attacks are backups. ZR Systems works with every client to make sure they have backup technologies in use to ensure we can recover files, system data, and applications. There is also a premium service available that can run your systems on premise or in the cloud in case of any issues that arise. Please be advised that even with these all in place, you and your staff are the most important line of defense in securing your business from threats like WannaCry. If you have any questions about a suspicious e-mail or website, please contact our Help Desk at (808) 369-1000. |
Additional References:
http://www.telegraph.co.uk/news/2017/05/12/nhs-hit-major-cyber-attack-hackers-demanding-ransom/
http://www.npr.org/sections/thetwo-way/2017/05/15/528451534/wannacry-ransomware-what-we-know-monday
Thanks to one of Google’s researchers with the Zero Day Project, it has been discovered that LastPass has a major vulnerability as a result of a major architectural problem. This news comes on the heels of many other flaws the same researcher discovered within LastPass. However, based on what the researcher claims, these vulnerabilities were much less serious than his latest discovery.
Ransomware is a particularly nasty strain of malware that continues to pop up in unexpected forms. In the case of a new variant of called Cerber, it targets users of Microsoft Outlook using a zero-day vulnerability via phishing messages. To make matters worse, Cerber can also utilize DDoS attacks, which is a major cause for concern.
If you panic in the event of a hacking attack, imagine how the National Security Agency (NSA) feels knowing that some of its exploits are for sale on the black market. While there isn’t any proof that the NSA has been breached, there’s evidence to suspect that their exploits are available for purchase on the black market. This means that a willing hacker could get their hands on government-grade hacking tools--a dangerous concept.
Microsoft recently issued security patches to fix 27 vulnerabilities, many of which are critical in nature. The vulnerabilities are significant and popular titles are affected like Windows, Microsoft Office, Internet Explorer, and the new Edge browser. Microsoft users that ignore these security patches are putting their system at unnecessary risk.
Mobile? Grab this Article