A World Economic Forum survey of top executives found that cyberattacks are the #1 risk of greatest concern to North American business owners. That is exactly why every organization, no matter its size or markets it serves, should have multi-layered security measures in place to reduce your risk profile.
As a leader in Managed Security Services and Managed IT Services, GBS will bring to bear the highest level of experience, knowledge, discipline and preventive measures to make your organization as secure as possible. Every executive knows that all the layered protections won’t stop cybercrime from knocking on their door (so-to-speak), however, with our approach to Managed Security your chances of surviving and continuing to thrive after are strong.
GBS Managed Security Services’ layered approach takes a 360-degree discipline to protection. Our layered approach protects with:
Monitoring & Threat Response
EndPoint & Device Security
“As a leading business technology solution provider for the past 25 years, I know our approach to solution development and deployment are comprehensive, layered and will help reduce your organization’s risk profile.”
– Gaby Batshoun
GBS President & Founder
Catalin Cimpanu from BleepingComputer.com recently shared this article about the free universal availability of the WannaCry fix – yet some companies still aren’t being prudent. If you need help protecting your organization from Ransomware, give us a call – a GBS Security Solutions expert will be glad to discuss with you.
Full article below:
Kryptos Logic, the cyber-security firm running the main WannaCry sinkhole, announced today plans to allow organizations access to some of the WannaCry sinkhole data.
The security firm cites recurring WannaCry ransomware infections that are still taking place at various companies, even eleven months after the first WannaCry outbreak in May 2017.
For example, Boeing, Connecticut state agencies, Honda, and Victoria state police suffered WannaCry infections long after Kryptos Logic researcher Marcus “MalwareTech” Hutchins registered the WannaCry killswitch domain, effectively stopping the global outbreak on May 12, last year.
Unpatched systems keep WannaCry alive
Since then, new WannaCry infections have been popping at organizations here and there, while traffic to the killswitch domain has shown “little signs of slowing down,” according to a Kryptos Logic.
“We estimate […][that] hundreds of thousands of untreated and dormant Microsoft Windows infections maintain a foothold and are responsible for the residual and continued propagation of WannaCry,” researchers said today.
The reasons that WannaCry continues to make problems is that many organizations have not patched Windows systems by applying the MS17-010 security update that mitigates the vulnerability used by EternalBlue, the exploit at the heart of WannaCry’s self-spreading module.
This wouldn’t be a big issue if the configuration of some enterprise networks wouldn’t accidentally or temporarily block access to the WannaCry sinkhole/killswitch domain. In situations where this happens, WannaCry goes from SMB self-spreading worm behavior to actual ransomware and starts encrypting files.
Kryptos Logic launches Telltale
To address this issue, Kryptos Logic released today a tool named Telltale that offers organizations access to free WannaCry sinkhole data and additional tools.
Companies can use Telltale to monitor their IP address ranges for hits to the WannaCry sinkhole, which in turns allows system administrators to track down local machines infected by the WannaCry worm on their network. These machines are infecting other unpatched systems or could, at any time, turn into an internal ransomware outbreak, similar to what happened at Honda or Boeing this past year.
“To be clear, an enterprise with no detectable WannaCry infections can still be reasonably susceptible to an outbreak at any given moment if patching is incomplete,” Kryptos researchers say.
“A key takeaway is millions of actively infected WannaCry devices continue to relentlessly work to infect unpatched Windows systems. Most of these attack efforts go unnoticed due to the kill-switch and corporate proxy’s mitigating the ransom payload. However, any number of common failures can result in an outbreak, one where the ransom payload will not be mitigated.”
The same advice given last year regarding mitigating WannaCry still stands today. Patch and get it over with!