We’ve been tracking this closely and found that the combination of our email defense, patching policies and Webroot malware practices has been effective preventing the global attack from impacting our client base.
This particular payload is delivered via email (zip file) which then launches a hunter trojan that spans the network, attacking known Windows OS vulnerabilities. While our front end systems quarantines zip files, the combination of all our products that help protect clients. For instance, clients who open the payload from their gmail, yahoo or other email accounts on work PCs are bypassing the email defense, but DivergeIT’s patching and malware protection becomes critical protection. Additionally, having active backups and restore points will allow us to recover data should a PC or server become hit with ransomware.
Client: No Reported Incidents of Ransomware
* Email Defense: client has our recommended email filtering product in place.
* Internet Browsing Defense: client’s network and internet browsing is being filtering outside of the office, prior to the information from the websites being displayed onto your computers.
* PC Patching: client’s PCs are actively patched on a regularly scheduled and the team reviews status on weekly basis of all our clients.
* Anti-Virus and Anti-Malware: client’s PC configuration includes DivergeIT webroot which is actively updated, maintained, and monitored by our support teams.
* Backup: client’s servers are being backed up on-site multiple times per day, and off-site every evening. In the event your servers were compromised, we would not need to go down the bitcoin route as we would simple be able to restore your most recent backup.
Although these new attacks are causing a justifiably high level of concern, DivergeIT has taken pride in the fact that not a single one of our clients that have our security suite in place have been impacted by these new threats. What’s more, is that simply having these systems in place is only about a quarter of the battle. Ensuring these systems are being actively tracked, managed, and there is reporting/altering for deviation is how we have been able to ensure our clients are not being impacted.