Multiple news reports have focused on how this attack was launched using NSA code leaked by a group of hackers known as the Shadow Brokers. That’s certainly what seems to have happened based on SophosLabs’ own investigation. A more detailed report on that is planned for early next week.
Sophos will continue to update its Knowledge Base Article (KBA) for customers as events unfold. Several updates were added today, and are summarized below in the “More guidance from Sophos” section.
Microsoft took the highly unusual step of making a security update for platforms in custom support (such as Windows XP) available to everyone. The software giant said in a statement: “We know some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download here.”
With the code behind Friday’s attack in the wild, we should expect copycats to cook up their own campaigns in the coming days to capitalize on the money-making opportunity in front of them, said Dave Kennedy, CEO and founder of information security consultancy TrustedSec.
The attack could have been worse, if not for an accidental discovery from a researcher using the Twitter handle @MalwareTechBlog, who found a kill switch of sorts hidden in the code. The researcher posted a detailed account of his findings here. In the post, he wrote: “One thing that is very important to note is our sinkholing only stops this sample and there is nothing stopping them removing the domain check and trying again, so it’s incredibly important that any unpatched systems are patched as quickly as possible.”
***
It was a difficult Friday for many organizations, thanks to the fast-spreading Wanna Decrypter 2.0 ransomware that started its assault against hospitals across the UK before spilling across the globe.
The attack appears to have exploited a Windows vulnerability Microsoft released a patch for in March. That flaw was in the Windows Server Message Block (SMB) service, which Windows computers use to share files and printers across local networks. Microsoft addressed the issue in its MS17-010 bulletin.
SophosLabs said the ransomware – also known as WannaCry, WCry, WanaCrypt and WanaCrypt0r – encrypted victims’ files and changed the extensions to .wnry, .wcry, .wncry and .wncrypt.
Sophos is protecting customers from the threat, which it now detects as Troj/Ransom-EMG, Mal/Wanna-A, Troj/Wanna-C, and Troj/Wanna-D. Sophos Customers using Intercept X will see this ransomware blocked by CryptoGuard. It has also published a Knowledge Base Article (KBA) for customers.
NHS confirms attack
National Health Service hospitals (NHS) in the UK suffered the brunt of the attack early on, with its phone lines and IT systems being held hostage. NHS Digital posted a statement on its website:
The UK’s National Cyber Security Centre, the Department of Health and NHS England worked Friday to support the affected hospitals, and additional IT systems were taken offline to keep the ransomware from spreading further.
Victims of the attack received the following message:
Find out today if your current system meets today's minimum security recommendations. Call Managed Solution at (800) 208-3617
[vc_row][vc_column][vc_column_text]
Ever wonder how your company would function during a catastrophic data loss? Ninety percent of executives agree they need a business continuity and disaster recovery (BCDR) plan, so why put your business at risk any longer? Download this infographic and learn the 5 steps to a solid disaster recovery plan with Microsoft Azure.
[/vc_column_text][/vc_column][/vc_row]
The rise of cloud computing and the plethora of new business opportunities it comes with ushers virtually every organization in every industry into the realm of becoming a digital business in at least some respect. This, in turn, makes it pivotal that every company master the legalities that come with the digital economy.
One challenge that technology leaders such as Microsoft have consistently acknowledged is the risk of patent infringement. With over two decades of experience and a broad legal infrastructure designed to manage these risks, Microsoft will use its patent portfolio to help protect cloud customers.
Microsoft announces its launch of the Azure IP Advantage program – the industry’s most comprehensive protection against intellectual property (IP) risks.
The goal is to foster innovation and investments in the cloud while businesses can respond to the changing needs of their customers without worrying about lawsuits.
The cloud-based economic opportunity is great with an estimated more than $1 trillion in IT spending by 2020, according to the research firm Gartner, representing an huge economic opportunity for individuals and businesses everywhere.
At the same time, however, the growing risk of IP lawsuits in the cloud is essential to acknowledge. According to Boston Consulting Group, there has been a 22 percent rise in cloud-based IP lawsuits over the last five years in the US. During the same period of time, non-practicing entities (NPEs) have increased their acquisition of cloud-related patents by 35 percent.
Microsoft Azure IP Advantage program includes the following to address this issue:
1) Microsoft's best-in-industry IP protection with uncapped indemnification coverage will now also cover any open source technology that powers Microsoft Azure services, such as Hadoop used for Azure HD Insight.
2) 10,000 Microsoft patents will be made available to customers that use Azure services for the sole purpose of allowing them to better defend themselves against patent lawsuits against their services that run on top of Azure.
3) Any patents that Microsoft transfers to non-practicing entities in the future can never be asserted against them. Microsoft does not have a practice of making such transfers, but see this as an extra protection that many customers value.
These measures are put in place to make sure the cloud is used for good & to protect users against intellectual property risk.
[vc_row][vc_column][vc_column_text]
New Azure services help more people realize the possibilities of big data
This week in San Jose thousands of people are at Strata + Hadoop World to explore the technology and business of big data. As part of our participation in the conference, we are pleased to announce new and enhanced Microsoft data services: a preview of Azure HDInsight running on Linux, the general availability of Storm on HDInsight, the general availability of Azure Machine Learning, and the availability of Informatica technology on Azure.
These new services are part of our continued investment in a broad portfolio of solutions to unlock insights from data. They can help businesses dramatically improve their performance, enable governments to better serve their citizenry, or accelerate new advancements in science. Our goal is to make big data technology simpler and more accessible to the greatest number of people possible: big data pros, data scientists and app developers, but also everyday businesspeople and IT managers. Azure is at the center of our strategy, offering customers scale, simplicity and great economics. And we’re embracing open technologies, so people can use the tools, languages and platforms of their choice to pull the maximum value from their data.
Simply put, we want to bring big data to the mainstream.
Azure HDInsight, our Apache Hadoop-based service in the cloud, is a prime example. It makes it easy for customers to crunch petabytes of all types of data with fast, cost-effective scale on demand, as well as programming extensions so developers can use their favorite languages. Customers like Virginia Tech, Chr. Hanson, Mediatonic and many others are using it to find important data insights. And, today, we are announcing that customers can run HDInsight on Ubuntu clusters (the leading scale-out Linux), in addition to Windows, with simple deployment, a managed service level agreement and full technical support. This is particularly compelling for people that already use Hadoop on Linux on-premises like on Hortonworks Data Platform, because they can use common Linux tools, documentation, and templates and extend their deployment to Azure with hybrid cloud connections.
Storm for Azure HDInsight, generally available today, is another example of making big data simpler and more accessible. Storm is an open source stream analytics platform that can process millions of data “events” in real time as they are generated by sensors and devices. Using Storm with HDInsight, customers can deploy and manage applications for real-time analytics and Internet-of-Things scenarios in a few minutes with just a few clicks. Linkury is using HDInsight with Storm for its online monetization services, for example. We are also making Storm available for both .NET and Java and the ability to develop, deploy, and debug real-time Storm applications directly in Visual Studio. That helps developers to be productive in the environments they know best.
You can read this blog to learn about these and other updates we’re making to HDInsight to make Hadoop simpler and easier to use on Azure.
Azure Machine Learning, also generally available today, further demonstrates our commitment to help more people and organizations use the cloud to unlock the possibilities of data. It is a first-of-its-kind, managed cloud service for advanced analytics that makes it dramatically simpler for businesses to predict future trends with data. In mere hours, developers and data scientists can build and deploy apps to improve customer experiences, predict and prevent system failures, enhance operational efficiencies, uncover new technical insights, or a universe of other benefits. Such advanced analytics normally take weeks or months and require extensive investment in people, hardware and software to manage big data. Also, now developers – even those without data science training – can use the Machine Learning Marketplace to find APIs and finished services, such as recommendations, anomaly detection and forecasting, in order to deploy solutions quickly. Already customers like Pier 1, Carnegie Mellon, eSmart Systems, Mendeley and ThyssenKrupp are finding value in their data with Azure Machine Learning.
Azure Machine Learning reflects our support for open source. The Python programming language is a first class citizen in Azure Machine Learning Studio, along with R, the popular language of statisticians. New breakthrough algorithms, such as “Learning with Counts,” now allow customers to learn from terabytes of data. A new community gallery allows data scientists to share experiments via Twitter and LinkedIn, too. You can read more about these innovations and how customers are using Azure Machine Learning in this blog post.
Another key part of our strategy is to offer customers a wide range of partner solutions that build on and extend the benefits of Azure data services. Today, data integration leader Informatica is joining the growing ecosystem of partners in the Azure Marketplace. The Informatica Cloud agent is now available in Linux and Windows virtual machines on Azure. That will enable enterprise customers to create data pipelines from both on-premises systems and the cloud to Azure data services such as Azure HDInsight, Azure Machine Learning, Azure Data Factory and others, for management and analysis.
The value provided by our data services multiplies when customers use them together. A case in point is Ziosk, maker of the world’s first ordering, entertainment and pay-at-the table tablet. They are using Azure HDInsight, Azure Machine Learning, our Power BI analytics service and other Microsoft technologies to help restaurant chains like Chili’s drive guest satisfaction, frequency and advocacy with data from tabletop devices in 1,400 locations.
This week the big data world is focused on Strata + Hadoop World, a great event for the industry and community. It’s exciting to consider the new ideas and innovations happening around the world every day with data. Here at Microsoft, we’re thrilled to be part of it and to fuel that innovation with data solutions that give customers simple but powerful capabilities, using their choice of tools and platforms in the cloud.
Security has always inhibited the take-up of cloud. I believe in most cases fears are overstated, but data security in the public cloud cannot be taken lightly. Data remains the responsibility of the organization that owns it, regardless of where it is stored. Your data may be held in an external cloud, but you cannot abdicate your own security responsibilities.
Your choice of cloud service should be based on what your organization can do and your appetite for risk. If you have limited resources, you will be more reliant on your cloud provider, but it is up to you to ensure they offer the security you need and continue to provide it throughout the contract.
When choosing a service, be aware that different types of public cloud include different levels of security. Very simplistically, with Infrastructure as a Service (IaaS), the service provider will secure access to the underlying host and provide good general security up to and including the host and hypervisor patching. They may also provide proactive infrastructure security monitoring, often as a chargeable additional service, but you will still be responsible for securing access to the instance(s) and everything inside them, plus security of integration between instances unless you contract the provider or another third party to do it for you.
With Platform as a Service (PaaS) you also get a secured OS and service platform, plus normally patching of this, but you have to take responsibility for access and authentication to the service plus application patching and code updates for your service running on the platform.
With Software as a Service (SaaS) the provider is responsible for overall security of the service including securing any data hosted in their environment, so your responsibility is primarily authentication to the service and data transfer between service providers.
If you have very specific security needs, public cloud may not be right for you. The major public cloud providers have defined, standard processes and services, which is one of the major benefits of cloud and key to its cost effectiveness. If you need the provider to tailor its processes to suit you, you will be better off talking to private and virtual private cloud providers.
Having chosen public cloud, you need to find the right provider – which I believe is more about risk management than security. You must carry out effective due diligence, evaluating potential cloud providers as you would any other supplier and seeking independent verification of their capabilities and financial security.
It is the cloud provider’s responsibility to ensure your data is secured and protected within their environment, and their SLA should offer appropriate guarantees. However, it is your responsibility to ask them to deliver the appropriate levels of information security, and you must measure and audit them yourself to ensure they apply what has been agreed.
Agreements do not normally include backup unless you specify it in the contract, but all data you host with the provider should be recoverable and returnable at the end of the agreement.
To ensure data sovereignty, you should ask the cloud provider where it will be stored. You need to ensure this is in a jurisdiction with the correct safeguards in place and which does not contravene the Data Protection Act (GDPR from May 2018) or comparable legislation in other jurisdictions. Many providers who previously hosted offshore are setting up UK data centers to meet this requirement. Remember to ask where both primary and backup sites are located. If the provider cannot guarantee this, walk away.
I recommend asking your potential service provider:
Who is the ultimate holder of the data?
Where is the data held?
Do you operate good processes and can you prove it?
What specific security standards and levels of security are you applying to my data?
How can you guarantee no-one else can get access to my data unless I specifically want them to?
Organizations should check this information for themselves and manage it as they would for every other corporate risk.
Finally, consider how to manage your cloud supply chain. In many cases the organization you contract with is not the ultimate provider of the service, so you need to ensure they have suitable underpinning agreements or back-to-back contracts with their providers. Multiple providers may be necessary to deliver core services.
Risks arise when it is not clear where responsibility lies, which can lead to a blame culture. I recommend developing an operational agreement whereby suppliers commit to a code of conduct designed to remove any barriers to effective relationships and interworking and which operates alongside SLAs. This helps suppliers work together and removes any gaps or overlaps between contracted boundaries of responsibility, with mechanisms to resolve disputes in a collaborative and effective manner. It can be formalized in a Customer Service Charter.
Looking for a partner in your business' managed services needs? Call us at 800-790-1524 to learn about all that we offer!
[vc_row][vc_column][vc_cta_button2 h2="Find Your Best Path To A Truly Consistent Hybrid Cloud" title="COST BENEFIT ANALYSIS" size="lg" position="bottom" link="url:http%3A%2F%2Fwww.managedsolution.com%2Faws-azure-compare%2F||" accent_color="#f4c61f"]
Achieve IT infrastructure cost savings of at least 50%
Call Southern California’s most trusted name in cloud at 800-208-3617 for real time pricing and a cost benefit analysis for Microsoft’s Azure and Amazon’s AWS.
[/vc_cta_button2][/vc_column][/vc_row]
New Security Analytics Service: Finding and Fixing Risk in Office 365
Microsoft is pleased to announce the preview availability of a new security analytics service called the Office 365 Secure Score. The Secure Score is a security analytics tool that will help you understand what you have done to reduce the risk to your data in Office 365, and show you what you can do to further reduce that risk. We think of it as a credit score for security. Our approach to this experience was very simple. First, we created a full inventory of all the security configurations and behaviors that our customers can do to mitigate risks to their data in Office 365 (there are about 77 total things that we identified). Then, we evaluated the extent to which each of those controls mitigated a specific set of risks and awarded the control some points. More points means a more effective control for that risk. Lastly, we measure the extent to which your service has adopted the recommended controls, add up your points, and present it as a single score.
The core idea is that it is useful to rationalize and contextualize all of your cloud security configuration and behavioral options into one simple, analytical framework, and to make it very easy for you to take incremental action to improve your score over time. Rather than constructing a model with findings slotted into critical, moderate, or low severity, we wanted to give you a non-reactive way to evaluate your risk and make incremental changes over time that add up to a very effective risk mitigation plan.
The Office 365 Secure Score is a preview experience, so you may find issues, and you will note that not all of the controls are being measured. Please share any issues on the Office Network Group for Security. You can access the Secure Score at https://securescore.office.com.
The Secure Score does not express an absolute measure of how likely you are to get breached. It expresses the extent to which you have adopted controls which can offset the risk of being breached. No service can guarantee that you will not be breached, and the Secure Score should not be interpreted as a guarantee in any way.
Your Secure Score Summary
The first, most important piece of the Secure Score experience is the Score Summary. This panel gives you your current Secure Score, and the total number of points that are available to you, given your subscription level, the date that your score was measured, as well as a simple pie chart of your score. The denominator of your score is not intended to be a goal number to achieve. The full set of controls includes several that are very aggressive and will potentially have an adverse impact on your users’ productivity. Your goal should be to optimize your action to take every possible risk mitigating action while preserving your users’ productivity.
Risk Assessment
While the Secure Score is framed as a ‘gamification’ of your security, it is important to recognize that every action you take will mitigate a real world threat. This panel shows you the top threats for your tenancy, given your particular configuration and behaviors. Make sure you read about and understand the risks you are mitigating every time you take an action.
Compare Your Score
The Office 365 Average Secure Score is calculated from every Office 365 customer’s Secure Score. You can use this panel to get a better sense of how your score stacks up against the average. The specific controls that are passed by any given customer are not exposed in the average, and your Secure Score is private. Note that the Average Secure Score only includes the numerator of the score, not the denominator. So, the average points may be higher than you can achieve because there are points in controls associated with services that you have not purchased.
Take Action
Helping you figure out which actions to take to improve your score is the purpose of the Secure Score. There are three basic parts to the experience:
First, there is the modeler. Use the slider to figure out how many actions you want to review. Sliding to the left will reduce the number of actions in your list below, sliding to the right will increase the number. Each tick of the slider will add one control to the list. The target score shows you how much your score will increase if you take all the actions in the queue.
Second is the action pane. When you open this, you will see a description of the control, explaining why we think it is an effective mitigation, and what we observed about your configuration. We’ll also show you some details about the control such as the category (account, device, data), what the user impact of the action is (low or moderate) as well as your measured score. Clicking Learn More will open a fly-out pane that will walk you through taking the desired action.
Thirdly, you will see a remediation pane fly-out that explains exactly what you are about to change, and how it will affect your users. Eventually, the Launch Now link (which takes you to a separate security center now) will allow you to make the desired change right from the Secure Score experience.
Score Analyzer
Since the Secure Score experience is restricted to users that have been designated a Global Tenant Administrator, we wanted to make it easy for admins to analyze and report to their executives and stakeholders their progress on risk mitigation over time. The Score Analyzer experience allows you to review a line graph of your score over time, to export the audit of your control measurements for the selected day to either a PDF or a CSV, and to review what controls you have earned points for, and which ones you could take action on.
What’s Next
As mentioned, the Office 365 Secure Score is in a preview release. Over the coming months you will see us continue to add new controls, new measurements, and improvements to the remediation experiences. If you like what you see, please share with your network. If you see something we can improve, please share it with us on the Office Network Group for Security. We’re looking forward to seeing your scores go up, and making the Secure Score experience as useful, simple, and easy as it can be.
[vc_row][vc_column][vc_column_text]
Azure Import/Export Service is now available in Microsoft Azure Government
We are excited to announce the general availability of theAzure Import/Export Servicein Microsoft Azure Government. The Import/Export service allows migration of large amounts of data in and out of Azure blob storage by shipping hard disk drives directly to the datacenter. This service is suitable in situations where you want to transfer several TBs of data in or out of Azure Storage, but uploading or downloading over the network is not feasible due to limited bandwidth or high network costs. Some scenarios where this service can be used are data seeding, content distribution, recurring data update, offsite backup, disaster recovery.
Benefits of using Azure Import Export
Fast: We recommend using Azure Import/Export if loading data over the network would take 7 days or more. Shipping disks directly to the data center can save weeks or more off of network transfer time.
Secure: Data is secured by Bitlocker encryption. The keys are securely uploaded using SSL REST-API and do not travel along with the disk.
Reliable: The client tool has internal checksum logic to maintain data integrity. Various verbosity of logging is available directly in customer storage accounts making this process highly reliable.
While all import/export functionality is available, we currently only support the REST API interface for creation and management of import/export jobs in Azure Government.The Portal experience for Import/Export jobswill come in the new portal later this year. See below for details and samples for getting started with import jobs via the REST API.
[/vc_column_text][/vc_column][/vc_row]
[vc_row][vc_column][vc_column_text]
Why Every Small Business Needs a Backup and Disaster Recovery Plan
As a digitally active business in 2016, you can’t afford to lose your data. Whether at the hands of a natural disaster, human error, or cyber attack, data loss is costly and extremely risky. That’s why you need a backup and disaster recovery solution.
As a small business owner, you’ve probably asked yourself this simple question at least once: “What is BDR?” Well, the most basic definition is a combination of data backup and disaster recovery solutions that are designed to work together to ensure uptime, diminish data loss, and maximize productivity in the midst of an attack, natural disaster, or other compromising situation. In other words, BDR solutions keep businesses safe when trouble strikes.
According to research by Security Week, the total volume of data loss at the enterprise level has increased more than 400 percent over the past couple of years and the trend doesn’t appear to be slowing down any time soon. With the rise of big data, cloud computing, and BYOD policies in the workplace, it’s becoming increasingly challenging for businesses to protect their private data.
IT Web suggests that the total cost of data breaches will be more than $2.1 trillion by 2019. This is in part due to the fact that small businesses don’t always take security seriously. They wrongly assume that it’s the big corporations that face the highest risks. Unfortunately, this is a false assumption.
A Verizon report says that small data breaches -- those with fewer than 100 files lost -- cost between $18,120 and $35,730. Unless these are expenses that you can easily sustain, it’s time to implement a BDR plan.
Five reasons why SBOs need a BDR plan.
When small businesses don’t have a BDR solution/plan in place, it’s typically because they’re unclear about the true value of BDR.
Let’s review some of the top benefits to give you an idea of why these solutions are so important to the health of your small business.
1. Protects against effects of natural disasters. Whether it’s a flood, earthquake, hurricane, blizzard, or other extreme natural disaster, there are plenty of uncontrollable circumstances that can cause your business to experience downtime. And, according to the National Archives and Records Administration, more than 90 percent of companies that experience at least seven days of data center downtime go out of business within a year. Let that sink in. While a BDR plan won’t prevent a natural disaster from occurring, it will protect your data and ensure that downtime doesn’t compromise your company.
2. Lessens impact of cyber attacks. As more and more data is moved online, cyber criminals are increasing their efforts and focusing on businesses that they believe are unprotected. In most cases, this means small businesses that appear vulnerable. Once again, a BDR plan can limit the impact of an attack and can prevent your business from losing valuable data.
3. Keeps client data safe. Do you store a lot of confidential client or customer data? If so, you can’t afford to lose this data or let it slip into the wrong hands. A BDR plan ensures that all of this information is properly stored and controlled. As a result, you don’t have to worry about damaging your brand reputation, should an unforeseeable incident arise.
4. People make mistakes. While natural disasters and cyber attacks are discussed more than anything else, the reality is that your own employees are sometimes responsible for the biggest data losses. Mistakes happen and a single poor choice can end up compromising data. That’s why it’s so important for businesses not only to train employees properly, but also invest in backup solutions.
5. Systems fail. Finally, we all know that hardware, machines, and other systems fail. Regardless of how much you spend on your technology, no solution is perfect. Even systems that come with 99.9 percent uptime guarantees will falter every once in a while. As such, businesses must invest in robust BDR plans that account for all of these risks.
What to look for in a BDR solution.
Once you determine that your business needs a BDR plan in place, how do you find the right solution? While every business is different, start by analyzing the following:
•Hardware compatibility. Depending on the hardware that your business uses, you may need a BDR solution that’s specifically tailored to your current setup. Keep this in mind as you compare options.
•Scalable pricing. As your business grows over time, you’re going to collect and store more data. A flexible pricing model will allow you cost-effectively to scale according to your demands.
Around-the-clock support. You never know when disaster will strike. Make sure that your BDR vendor has 24/7/365 technical support available.
•Strong reputation. Finally, it’s important to consider the BDR solution’s reputation. How long has it been on the market? What do customers say? The answers to these questions will tell you a lot.
If you can find a BDR solution that meets these four criteria, then you’ve probably found the right solution for your business.
Protect your business.
Nobody wants to assume that something bad is going to happen to their business – and hopefully you’ll never be exposed to any of the risks highlighted in this article – but the harsh reality is that you’ll likely face one of these issues at some point in the future.
There’s no way to prevent a cyber attack, natural disaster, technical malfunction or uncontrollable human error, but you can protect your business from costly data loss by investing in a solution that aids in data backup and disaster recovery. Frankly, it’s unwise to wait any longer.
Managed Solution is a full-service technology firm that empowers business by delivering, maintaining and forecasting the technologies they’ll need to stay competitive in their market place. Founded in 2002, the company quickly grew into a market leader and is recognized as one of the fastest growing IT Companies in Southern California.
We specialize in providing full managed services to businesses of every size, industry, and need.
[/vc_column_text][/vc_column][/vc_row]
Contact us Today!
Chat with an expert about your business’s technology needs.
By Richard Blanford as written on www.infosecurity-magazine.com
