Tag: Cyber attack

June 28, 2017 David Gemma

Business Continuity, Disaster Recovery & CyberSecurity

Prior, Proper, Planning

By Ken Rode, Director of IT Services, UNAPEN Inc., and a member of  ASCII since 2014

Earlier this month I reviewed WannaCry Ransomware. Now we have a new variant wreaking havoc in Europe and the US dubbed Petya. The interesting/annoying/scary thing about this one is that it includes the ability to leverage one vulnerable machine against your entire network. This means it is no longer sufficient to only protect your “important” machines. One vulnerable system no matter how inconsequential it is to you, could cause major issues within your network…..just as Merck, Maersk and others learned yesterday.

Our Partners at Datto have released an update that you can view here Massive Ransomware Attack Spreading across the Globe

The protections you need are the same as they were with WannaCry (see below); the new lesson is that you need these protections on every system that has access to your network.

Let's Cover the Basics (again for anyone that missed the previous article)

1.)    Keep your systems up to date – These attacks are exploiting a hole that was patched in March.  With all the tools and services available to ensure your systems are patched, it is negligent to not have applied this update by now.  Through ITComplete™, UNAPEN can even resolve the issue for operating systems that Microsoft no longer supports.

2.)    The attack has known signatures - so using a reputable, fully featured malware protection package should help block infections.  The key is to ensure these protections are on, operating properly and reporting to the correct people if an issue is discovered.  Trend Micro Worry Free Business Security is incorporated into UNAPEN ITComplete™ and has the protections needed.

3.)    Finally, the goal of ransomware is to collect ransom - even if an attack got through the first two protections (as WannaCry would not) you only need to pay ransom if you can’t recover on your own.  Active Business Continuity Systems like ITComplete DataSafe™ allow clients to spin up a clean copy of a protected system in minutes to recover from a hardware, software, or even malware issue.

Enjoy!

 

Avoid Business Disruptions: Protecting Your Clients and Your Firm

Get flexible IT services at an affordable fixed monthly cost with UNAPEN ITComplete.

Create comprehensive Data Backup & Disaster Recovery solutions with UNAPEN ITComplete DataSafe.

Harden your firm against Cyber Security Attacks with UNAPEN ITComplete NetScan.

May 8, 2015 David Gemma

Mitigating CyberSecurity Risks & Threats

The SEC’s Division of Investment Management released a CyberSecurity Guidance Update for April 2015 for Investment Funds and RIAs to help address and mitigate CyberSecurity risks and threats.

They are clear in stating “…that is it not possible for a fund or adviser to anticipate and prevent every cyber attack. Appropriate planning to address cybersecurity and a rapid response capability may, nevertheless, assist funds and advisers in mitigating the impact of any such attacks and any related effects on fund investors and advisory clients, as well as complying with the federal securities laws.” (more…)