This week, I would like to draw your attention to two big news stories. Firstly, we have Word documents being injected with rogue code and secondly a ransomware attack on an entire town ...
News from the tech world is concerning! Malware and ransomware is here to stay!
So, let's talk about Microsoft Word then. Word documents are being sent as attachments and they've been injected with rogue code so as the computer user who received them clicks open, the hackers computer is notified and sends even more malware to the unsuspecting user.
"It's an oldie, but goldie!"
This first started years ago, but has come to the fore again more recently as it's hit more high profile businesses. It is further evidence of the vulnerabilities of standard Microsoft software. However, 90% plus of the world's population are users of Office software so if you're running a corporate email system, then anything received should go through external 'washing' with sophisticated Artificial intelligence to sniff out potential threats of incoming emails to your organisation.
As far as sending out emails from your domain, this also requires protection so that your recipients know that the emails are genuine. Domain name authentication ensures that if your email addresses have been spoofed, but not sent from a legitimate IP address, then the system would automatically reject it and stop it from reaching its intended target.
Businesses would be well advised by their in-house or outsourced IT department to spend on annual licences to protect incoming and outgoing email (for reputation above all else) and not see it as just another cost.
"Next up we've got new malware evasion techniques!"
It really is worth clicking this link and having a read. Many IT companies and internal IT departments are tasked with monitoring your systems by using specialist remote diagnostic and network analysis software. But what if the hackers target the manufacturer itself?
In the case of Kaseya, this was the case. Kaseya's customers are IT companies, who use the software to protect their own business customers. So, this hack had massive consequences as far as a ransomware attack goes. The attack took down an entire Town as well as thousands of businesses in the US.
Seriously, the best time to review and audit every single aspect of how, where and who your networks are connected to is now!
This goes for any device that has the letters I and P before the name- i.e. and IP (internet protocol) device - IP cameras, IP Phones, IP Fish Tank Feeders (as mentioned in a previous blog post), IP connected Air Conditioning Units, IP anything!
Click here to read more about the ransomware attack on Leonardtown in Maryland and I am sorry to say, but ransomware attacks are here to stay. Your IT budget will need to be reviewed and a few thousand more pounds spent on improving your Firewalls, email security, endpoint protection (which is more than just antivirus) and more importantly, the infrastructure of your network.
You must ensure there are never any unknown external firewall connections.
Until next time ...
PRITESH GANATRA
Would you like to know more?
If anything I've written in this blog post resonates with you and you'd like to discover more, it may be a great idea to give me a call on 01604 926100 or take a look at my website which you can find by clicking here.
The word 'Technology' has too many connotations in today's world!
Where do we start? Simple terms like 'IT' and 'Telecoms'? or terms that appear NOT to have an actual meaning at all!, e.g. 'Internet of Things (IoT).
Technology also encompasses specialist products and services like 'Rugged' and 'Tough' android devices, Lone Worker Software, panic alarm devices, smart energy devices, low energy lighting, credit card terminal (PCI DSS) security, indoor/ outdoor Wi-Fi systems, Ultrafast Gigabit internet connectivity, access control systems, industrial IoT circuit controllers.
BTS UK can consult from simple solutions to the most complex, provide some of the products through a wholesale channel, bring together a multi-disciplined 'Task Force' to deliver and implement complete Technology 'projects'.
I am your technology problem solver and I look forward to helping you.
No unauthorised use, duplication, distribution or modification to any original content contained within this blog is permitted without prior written permission of the author. All other trademarks and registered names are acknowledged.