Databranch Monthly Tech Talk
IT Solutions for the Workplace
|
|
SonicOS Vulnerability
SonicWall physical and virtual firewalls running certain versions of SonicOS may contain a vulnerability that could be leveraged for an unauthenticated Denial-of-Service, or DoS, attack and/or potential Remote Code Execution (RCE) attacks
The resolution to this vulnerability is updating SonicOS Firmware to the latest version, 6.5.4.89.
At this time there is no indication that this discovered vulnerability is being exploited but as cyber attacks continue to happen at increasing volumes, Databranch is strongly recommending resolving the vulnerability before an attack or exploitation occurs.
To schedule a firmware update for your SonicWall devices, give us a call at 716-373-4467 x 14 or email service@databranch.com!
|
Why and How the DoD is Implementing the CMMC
The Department of Defense has been working to improve cybersecurity over the last several years.
News of nation-state sponsored theft of defense secrets makes the news on a regular basis.
The biggest source of sensitive intellectual property leaks is the hundreds of thousands of contractors that have access to sensitive but unclassified information called Controlled Unclassified Information or CUI.
In 2013, the DoD created a security requirement in the Federal Acquisition Regulations called DFARS 252.204-7012. A few years later, NIST released a security requirement named SP 800-171.
While both of these began to improve security for the defense industrial base, they did not solve the overall challenge. Compliance with DFARS is mandatory, as is compliance with NIST, but in most cases compliance with these regulations is based on the honor system - which has not worked.
The solution: Cybersecurity Maturity Model Certification (CMMC).
The release of the CMMC in 2019 is the first time the DoD has required contractors, sub contractors, and suppliers to be certified to participate in the DoD supply chain.
So what do you need to know?
- The DoD has required that all contractors and subcontractors "self-certify" they are compliant with NIST SP 800-171 by November 30, 2020. This self-certification includes posting audit scores and your expected date of compliance to the SPRS portal.
-
The government is now requesting that all DoD contractors and sub-contractors be in compliance with CMMC by 2025.
- Companies need to look at their existing maturity with DFARS 800-171 and understand what CMMC Level (1, 2, 3, 4, or 5) they need to be in compliance with moving forward.
- The DoD entity will dictate what Level of Compliance the contractor or sub-contractor must be at.
Databranch and Cyberstone are here to help! Cyberstone received Registered Provider Organization status from the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) and are well positioned to provide advice and consulting services to organizations seeking CMMC certification.
The steps are easy: Connect with Databranch and Cyberstone to schedule a maturity assessment engagement.
Understand the gaps in your maturity level and develop a roadmap for compliance: technology changes may require budget cycles to resolve.
Don't wait! The DoD wants to see policy and practice within your organization for an 8-12 month period BEFORE they audit and issue a certificate of compliance.
Once deemed compliant, the compliancy level is good for a three-year period.
To learn more about how Databranch and Cyberstone can help your organization prepare for the CMMC, give us a call at 716-373-4467 x 15 or email alasky@databranch.com!
|
|
Give us a call at 716-373-4467 x 15, email alasky@databranch.com, or click here to get started!
|
|
When Was Your Last Review?
Don't worry, we are not talking about micro-managing.
What we want to talk about is reviewing who in your business has access to which documents.
Or can everyone access everything?
You may need to make some changes; the more people that have access to your business documents, the less secure they are.
|
|
Let’s imagine for a moment, that one of your people opens a very convincing email, supposedly from a supplier. The email contains a document to download, which they do, because it’s from a supplier and they trust it.
What your employee didn’t notice was that the email signature was missing, and the email address wasn’t the same as it usually is. Unfortunately, now the document they downloaded has installed malware on their device.
They don’t notice the malware because everything looked legitimate and nothing obvious had happened. They continue their working day unaware.
While they’re working, the malware is working too, in the background. It’s accessing and copying all of the data that your employee has access to.
You might get lucky and stop this malware before it enters your network and takes everything, but if your employee already has access to everything, then it may be gone. Although this isn’t a malicious act on behalf of the employee, they’ve essentially caused a huge data breach that could be detrimental your business.
The reality is this scenario doesn’t even need the malware to occur. One day a member of your team might decide they’d like to make a little money by stealing your valuable data. By giving everyone access to everything, you’re making it too easy for them to potentially take this path.
So, if you haven’t already done this, we suggest that this week you make it a priority to sit down and work out who needs access to which files and documents and restrict access to absolutely everything.
Keep your own document detailing who has access to what. And update it whenever anyone joins the business or changes roles. This is also a great way of protecting your data when somebody leaves, because you can see exactly what you need to revoke access to.
We recommend you ask yourself three questions:
- If you already restrict access, when was the last time you reviewed it?
- Are people able to access files they no longer need?
- Are there people who could benefit from access to more documents to complete their role?
Yes, that’s a lot to think about. But once you have a detailed document to work from, regular reviews are pretty simple and definitely worth your time.
Databranch can help keep your data and information safe, as well as help prevent malicious activity from occurring. Give us a call at 716-373-4467 x 15 or email info@databranch.com to review how we can help!
|
|
Are You Already Under Attack?
Ransomware is big business. It’s one of the fastest growing online crimes, and if you haven’t already been targeted, it’s likely you will be at some point in the future.
It’s the computer crime where your data is encrypted so you can’t access it, unless you pay the ransom fee.
The really scary part is that it’s unlikely you’d realize you were under attack from ransomware until it was too late.
Cyber criminals hide in your network for between 60 to 100 days before they strike. During that time they’re checking out your network, identifying vulnerabilities, and preparing what they need to hit you with the attack.
And they do all of this without leaving much of a footprint for you to discover.
Fortunately, there are a number of signs you can be on the lookout for, to identify an attack and stop it in its tracks.
|
|
Open RDP Links
What’s an RDP link? How do you open or close one?
RDP - or Remote Desk Protocol - is Microsoft technology that allows a local PC to connect to a remote device. You’d use it if you’ve worked from home. And many people neglect to close their open RDP links when they’ve finished with the connection, allowing cyber criminals easy access.
Scan for open ports regularly and start using multi-factor authentication (where you generate a login code on another device) if you don’t already.
Unfamiliar Software
Noticed new software on your device lately? It’s probably not an update.
Hackers typically gain access to one device, and then use particular software tools to access the entire network. Look out for anything you haven’t noticed before, but particularly apps called Angry IP, Advanced Port Scanner, and Microsoft Process Explorer.
New Administrators
Noticed a new admin on your system? It’s worth double checking to confirm your IT team has added the new user.
Cyber criminals will set themselves up as administrators so that they can download the tools they need to carry out their attack of your network. To do this they may use the software mentioned above, along with Process Hacker, IOBitUninstaller, or PCHunter.
These are all pieces of software that your business may legitimately use but they can also be used to uninstall security tools.
Disabled Software
Of course, to carry out the perfect attack, your security software needs to be disabled. Some things like Active Controller and domain controllers will be disabled when the attack is imminent and it’s likely that your back-up will be corrupted too.
Ensure that someone is regularly checking that software is active, and your backup is working as it should be.
Remember, ransomware attacks are usually slow, so these things won’t all appear at once. Vigilance is key here. Keep an eye out for anything unusual, and if you do spot something, no matter how minor, report it straight away. It could help stop a significant, costly attack on your business.
Databranch offers the resources to help you and your team elevate your security posture to prevent attacks before they happen. Give us a call at 716-373-4467 x 15 or email info@databranch.com for more information!
|
|
WE LOVE REFERRALS
The greatest gift anyone can give us is a referral to your friends. Referrals help us keep costs down so we can pass the savings to our clients.
If your friend ends up becoming a client - we’ll gift them a free first month of service (for being a friend of yours) AND we’ll gift you a $100 Amazon Gift Voucher.
Simply introduce me via email (dprince@databranch.com) and I’ll take it from there. I personally promise we’ll look after your friend’s business with a high level of care and attention (just like we do with all our clients).
|
|
Technology Trivia
What is Google’s Android mascot unofficially known as?
The first person to email us at info@databranch.com and give a correct answer gets a $25 Visa Gift Card
|
|
NEED A LAUGH?
What is the biggest lie in the entire universe?
“I have read and agree to the Terms & Conditions”
|
|
Databranch | www.databranch.com
|
|
|
|
|
|
|
|
