In the past few days, we’ve received a slew of calls from clients worried about the recent major Malware attack spreading around the world. India, China and parts of Europe took the brunt of the impact, mostly due to the corporate use of pirated copies of Windows that are unsupported. We are happy to report that as of press time, none of our customers were compromised by this latest threat. We provide our managed services’ customers with a suite of enterprise end-point security solutions including: Fortinet, Webroot, Labtech and MimeCast. Between standard security solutions, up-to-date/licensed software and current patch management, most businesses have no need to worry, yet.
This is just the beginning
Shadowbrokers is a hacking group blamed for a hack last summer of the U.S. National Security Agency (NSA), which exposed that secretive agency’s hacking tools, including several Zero Day exploits. Zero Day exploits are vulnerabilities that aren’t known to the public or software vendors. WannaCry leverages one of these exploits, but it was only a Zero Day up until the NSA tools were published online last year by Shadowbrokers. Microsoft patched all supported/licensed Windows instances since then.
What’s more, despite the spread of WannaCry, the newsworthy malware is thought to be the work of amateurs. Less than $50k was recovered from the hack before it was accidentally thwarted by a security researcher in the UK. A second round comprised of more sophisticated attacks by professional hacking organizations and state backed shadow groups are expected to follow this first iteration.
You get to decide the ending
Since governments and private interests are stockpiling zero-day exploits, treating them like electronic weapons, there’s going to be more released into the wild. As they wreak havoc, vendors scramble to patch and reduce fallout. Companies using the software are potentially exposed in the meantime.
In the case of WannaCry, anyone who used supported and up-to-date versions of Windows with the latest security patches and updates installed was safe. Future Malware attacks resulting from zero-days within updated versions of Windows and other popular software have the potential to spread further and faster. And, the likelihood of a more serious attack happening is only going up.
Best Practices
- Establish a regular routine for patching operating systems, software, and firmware on all devices. With our managed services offering: Intuition we provide a centralized patch management system all of our customers incorporation our team of engineers and Labtech.
- Deploy IPS, AV, and Web Filtering technologies, and keep them updated. We incorporate Fortinet, Webroot and Mimecast for all of this.
- Back up data regularly. Verify the integrity of those backups, encrypt them, and test the restoration process to ensure it is working properly. We use Labtech to monitor backups and recommend a true business continuity solution.
- Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users. We provide this through Mimecast.
- Schedule your anti-virus and anti-malware programs to automatically conduct regular scans. (Webroot)
- Establish a business continuity and incident response strategy and conduct regular vulnerability assessments.
- Implement user training making your staff aware of threat tactics and risks.
Endpoint security stops enemies at the gate
With the Fortinet Security Fabric, the following Security Fabric elements have capabilities to detect, prevent, and mitigate:
- Secure Email Gateway (Mimecast) – Malware and URL Scan
- Next Generation Firewall (FortiGate) – IPS, APP Ctrl, Malware Scan, IP Botnet, Segmentation
- Endpoint Protection (Webroot) – Vulnerability and Malware Scan
It’s literally our job to make sure your network is secure, and our three-pronged approach to corporate network security is what let’s us all sleep comfortably at night. If you have doubts about your security, then worry less with some of the best corporate security experts in the Denver area at your side.