Keep Your Systems Updated and Patched

What some have called “the worse ransomware attack ever” struck in May 2017, infecting an estimated 300,000 computer systems in just four days. WannaCry was similar to many ransomware attacks, i.e. it encrypted files and demanded a Bitcoin payment to decrypt them.

However, it differed in one major way: worm tactics.

Once WannaCry infected a machine, it scanned the connected LANs and WANs to find and attack other vulnerable hosts. The subsequent infections occurred automatically without user interaction.

This allowed WannaCry to seize entire networks and even hop to others, rapidly sparking a flash epidemic worldwide.

The National Health Service in the U.K. was hit particularly hard, with at least one-third of health trusts (i.e. healthcare offices and services) disrupted and over 19,000 appointments canceled, including surgeries.

Stolen NSA Cyber Weapons

WannaCry spread via EternalBlue, an exploit for Windows Server Message Block version 1 (SMBv1), a legacy network file-sharing protocol present in every version of Windows released in the last 15 years (and maybe more).

The exploit is allegedly from a cache of cyber weapons stolen from the U.S. National Security Administration (NSA) and released publicly on April 14, 2017.

Microsoft issued a patch for the vulnerability on March 14, 2017. When the attack began, every Windows system that had not been patched within eight weeks was vulnerable.

How Your Business Can Avoid a WannaCry 

  • Patch Vulnerabilities: The importance of patching cannot be overstated. When WannaCry struck, administrators with freshly patched Windows machines were safe.
  • Plan for Disaster: This attack targeted a vulnerability in millions of Windows systems. A patch had been available for only about two months. Another attack of this scale is always possible. If your systems are compromised, what will you do? If you don’t already have one, get a backup and disaster recovery plan in place.
  • Get a real security partner to assess your vulnerabilities and catch issues before they blow up into expensive and damaging problems. Call mPowered IT at 678-389-6200 and ask for a FREE VULNERABILITY ASSESSMENT.

 

 

Never Hide a Data Security Breach from Your Customers

Uber’s CEO revealed on Nov. 21, 2017, that the ride-hailing service failed to disclose a massive data breach last year. In Oct. 2016, hackers accessed a server containing personal information for more than 57 million Uber drivers and riders. They demanded a $100,000 ransom to delete their copy of the data, which Uber paid.

The attackers allegedly first accessed a private GitHub repository used by Uber’s developers. The repository contained code with login credentials for other Uber systems, which ultimately provided access to the stolen data.

Uber later identified the hackers and pushed them to sign nondisclosure agreements. It also disguised the ransom payment as part of a bug bounty program, according to the New York Times.

The Biggest Mistake was the Cover-up

The Uber data breach may prove to be an example of when the cover-up is worse than the crime. The breach undoubtedly harmed the company’s brand, but the damage caused by hiding the attack has only begun. Lawsuits are now raining down on Uber from attorneys general across the U.S.

How your Business Can Avoid Lawsuits and Customer Distrust from a Security Breach

Even though the security breaches at large corporations make the headlines, it’s the smaller companies that are the most vulnerable. Small businesses are generally easier to hack because they don’t put real security measures in place. Here’s what we recommend:

  • Know the laws. There are federal, state and local laws on how to handle a data breach and notify customers, and some are industry specific.
  • Err on the side of transparency – Thousands of companies have experienced a data security breach. It’s how you respond to it that matters to your customers. Most will forgive you, especially if you care enough about their information to keep them informed.
  • Get a real security partner to assess your vulnerabilities and catch issues before they blow up into expensive and damaging problems. Call mPowered IT at 678-389-6200 and ask for a FREE VULNERABILITY ASSESSMENT.

 

 

Never Overlook Data Security Vulnerabilities!

Credit reporting agency Equifax stores financial data on more than 800 million consumers and 88 million businesses worldwide, so data security is absolutely critical.

On July 29, 2017, the company detected and blocked suspicious network activity associated with a web portal used by U.S. consumers to file disputes. Later analysis revealed the portal’s application framework, Apache Struts, was outdated and had a severe data security vulnerability.

Equifax hired cybersecurity firm Mandiant to conduct a forensic analysis, which revealed a massive data breach affecting 143 million U.S. consumers. Further investigation later increased the number to 145.5 million – or about 45% of the U.S. population.

Severe Data Security Vulnerability Overlooked

Equifax was first alerted to the Apache Struts vulnerability on March 8, 2017, more than two months before the breach started, according to testimony to a U.S. House subcommittee by from former Equifax CEO Richard Smith. Equifax failed to act on the alert and apply the available patch.

Hackers launched the attack exploiting the vulnerability about two months later, on May 13, 2017. By the time the breach was discovered in late July, hackers had accessed dozens of databases and created more than 30 backdoors into Equifax’s systems.

How your Business Can Avoid this Type of Security Breach

Even though the security breaches at large corporations make the headlines, it’s the smaller companies that are the most vulnerable. Small businesses are generally easier to hack because they don’t put real security measures in place. Here’s what we recommend:

  • Apply Security Patches in a timely manner – Equifax failed to realize an alert for a critical vulnerability applied to one of its web portals. A flaw that should have been patched in a timely manner went unpatched for months.
  • Get a real security partner to assess your vulnerabilities and catch issues before they blow up into expensive and damaging problems. Call mPowered IT at 678-389-6200 and ask for a FREE VULNERABILITY ASSESSMENT.

 

 

Share the Risk

Having an in-house IT person or staff seems like the most efficient way to keep your IT network running. After all – you always have someone on-site to take care of issues. But the reality is, their motivations may be counter to your business needs. IT staff are generally not motivated to perform regular maintenance or prevent issues. If everything is consistently running well, they’ll be sitting around most of the time. Their perceived job security depends on fixing what’s broken, so they must justify their existence by continually fixing issues. And when there’s a costly repair, you bear the expense.

Our motivation is completely opposite. We’re paid one low monthly fee to keep your network running, and it’s far easier and more efficient to prevent issues than it is to fix them. And when something does go wrong, we bear expense of fixing it. Most network issues are included in the fee.

Relying on IT staff for service and support means you bear all the risks when something goes wrong – and something will always go wrong! Outsourcing to mPowered IT means you have a managed services provider with business goals that are aligned with your business goals. We both do better when your network is running smoothly with no issues. Occasionally, something may go wrong, but we bear the risk. It’s on us to make it right.

Call mPowered IT at 678-389-6200 to see how much easier and more efficient it is to outsource all your IT service and support.

 

 

Best Practices!

Even the most well-intentioned IT staff is more motivated to use technologies that work best for them, or what they like most, than to use what’s best for your business. The processes and procedures they use may be what they know, but are not necessarily industry best practices. Since your business relies on its network, it’s critical that you have reliable technology and protocols in place to avoid network issues.

mPowered IT is highly motivated to employ the most reliable technologies, and follow industry best practices, because we measure our success by how well your network runs. We know we’ve done our job right when your network doesn’t have issues.

Call mPowered IT at 678-389-6200 to see how much easier and more efficient it is to outsource all your IT service and support.

 

 

Web Analytics