USA Computer Services Blog
If you use almost any Apple products, you’ll want to check for and apply an update that will prevent your devices from being spied on. Apple has just issued an emergency software update for a critical vulnerability that was recently discovered.
The new updates were pushed out on Monday, September 13th, 2021, and include a major security fix for the Apple iPhone, Apple iPad, Apple Watch, and Apple Mac computers and laptops.
Ransomware has been a scourge to businesses for years now, with it unfortunately experiencing a renaissance of sorts as the COVID-19 pandemic came to the fore. With increased phishing attacks and other means of spreading ransomware now taking advantage of the ongoing situation, it is all the more important that these attempts can be identified and mitigated.
Countless high-profile ransomware attacks have surfaced over the past several years, all against targets like manufacturers, pipelines, hospitals, and utility companies. Obviously, these attacks are a cause for concern, but some small businesses might make the mistake of thinking themselves too small to target. Unfortunately, this is simply not the case; we’ll help you protect your business from these devastating cyberattacks.
Let’s dive into the details and see what can be learned from this ransomware attack.
What is Kaseya?
Kaseya is a software vendor that works closely with managed service providers (MSPs) to provide IT solutions. The software designed by Kaseya is meant to be used by managed service providers and large enterprises to manage and support technology across multiple networks. As reported by ZDNet, at least 40,000 companies worldwide use at least one tool created by Kaseya.
The attack in question leveraged a vulnerability in Kaseya’s VSA service, which is basically a remote monitoring and management tool.
Since Kaseya plays such a key role in connecting IT companies to the businesses that they support, it should come as no surprise that such a ransomware attack could have profound effects on both the MSP service industry and the countless businesses that are supported by them. If your IT provider happened to use this particular software, there is a good chance that you were unlucky enough to become a victim of this attack, especially if other countermeasures weren’t in place.
The Attack’s Timeline
To give you an idea of how this attack has progressed, let’s take a look at the timeline, as it was reported by ZDNet:
- July 2, 2021: Kaseya CEO Fred Voccola announced that the company experienced an attack against the VSA that was limited to “a small number of on-premise customers.” Voccola also urged users of the VSA service to disconnect all servers hosting the solution in an effort to prevent further infections. Kaseya informed those potentially affected by the attack, as well as shut down their own SaaS servers as a safety precaution.
- July 3, 2021: Kaseya released a Compromise Detection Tool to help customers determine if they have been compromised by the ransomware or not. The tool analyzes the endpoint or server to see if there is any indication of compromise on the system.
- July 4, 2021: Kaseya declared that they had become a “victim of a sophisticated cyberattack,” and brought in external security experts, including Mandiant, to aid in learning more about the attack and resolving the issue.
- July 5, 2021: Kaseya issued the following update: "We are developing the new patch for on-premises clients in parallel with the SaaS Data Center restoration. We are deploying in SaaS first as we control every aspect of that environment. Once that has begun, we will publish the schedule for distributing the patch for on-premises customers."
The attack itself is thought to have been administered via an automated malicious software update, bypassing authentication and executing commands remotely. More information on this attack can be found in Kaseya’s briefing on the incident.
The Takeaway
Since this particular issue was caused by a zero-day vulnerability (a previously unknown vulnerability) in a provider’s systems, it is hard to fault anyone in particular for this hack, but it does further reinforce the importance of monitoring your system for irregularities, as this attack was only uncovered as a result of such monitoring. Imagine the damage that could have been caused by this threat if it were to remain undiscovered for an extended period of time. It just goes to show that even businesses that do everything right can still become victims of ransomware attacks.
While there are countermeasures to prevent ransomware attacks and restorative measures to get back in business after being attacked, if these measures weren’t in place for a company that was a victim of the attack, things probably aren’t looking very good.
We can’t stress enough that it is critical to have a solid backup solution in place that is regularly tested and reviewed. It’s also a good idea to have your network hardened and evaluated at least once a year to help it withstand ransomware attacks and other threats. Even if you need a second option, we’re happy to help.
Therefore, you should always take preventative measures to mitigate ransomware as much as possible. We can help your business keep itself safe from threats of all kinds. To learn more, reach out to us at (704) 665-1619.
Once again, ransomware strikes, this time targeting the world’s largest meat processor and distributor, JBS S.A. This disruptive cyberattack forced the company to suspend operations in both North America and Australia, a move which had devastating consequences to the supply chain. What can we learn from this situation?
Anyone who uses a computer regularly knows that software can be finicky. Developers continuously update their software to account for changes in security threats and to add new features. For the small business, integrating and developing software can be useful, but it can also be one of the most problematic issues you can face, and it can often go under the radar. Let’s look at a few ways that old software bugs can cause problems for your business.
Quick, Marty! Hop into the DeLorean! Let’s time travel back to a simpler time, back in the late ’90s!
Back then, you could walk into any store that sold software and you’d see two types of antivirus protection - orange boxes that said Norton, and red boxes that said McAfee.
Today, like most things, life isn’t as simple. There are a lot of choices, and… well, you shouldn’t be going to a store to buy your antivirus these days. Let’s discuss!
You’d be hard-pressed to find someone nowadays who hasn’t heard of malware, although they may have difficulty identifying different threats as they encounter them. Does this sound like the people that you work with? We’re here with a simple solution to assist you and your team in spotting the different kinds of threats - a malware guide to distribute among your staff so they can better spot the usual suspects.
What’s a smartphone without some apps to download to it? With millions of apps to choose from, developers might often have less-than-virtuous motives that put their users at risk for their own benefit. Recently, Google has removed 22 apps from the Google Play Store that were found to contain automated click-fraud scripts. We’ll delve into what these developers were up to with these fraudulent applications, as well as how they would affect the two million users that downloaded them.
It’s fair to say that today's organizations are faced with more online threats than ever before. To properly manage the information systems that they depend on for productivity, redundancy, and operational management, they need to ensure that they are doing what they need to do to mitigate problems stemming from the continuous flow of threats.
At the time of this writing, it has only been about half a year since the Meltdown and Spectre exploits became public knowledge. Fortunately, patches were swiftly rolled out to mitigate the problems that these exploits could cause, but that doesn’t mean that these exploits are dead and buried. Let’s look back at Meltdown and Spectre to help us establish where we stand today.
There is a famous thought experiment devised by physicist Erwin Schrödinger, describing a very particular paradox in quantum physics through the experience of a cat. While Schrödinger’s cat was initially intended to demonstrate a very different phenomenon, it can also be applied to something that all businesses need to consider: their email security.
How quickly could your business recover if it were suddenly hit by a Distributed Denial of Service, or DDoS, attack? Are you protected against the effects they could have on your operations? If asked these questions, most businesses should want to say yes, but in reality, over half lack the means to defend against DDoS.
Ransomware remains a very real threat, and is arguably only getting worse. Attacks are now able to come more frequently, and there are opportunities for even relative amateurs to level an attack against some unfortunate victim. However, this is not to say that there is nothing you can do to keep your business from becoming another cautionary tale.