Security Update | Vol 4: Cyber Security Framework, Security News, and Patching Updates

By Bill Goldin | Jul 20, 2017 9:10:26 AM


During a client satisfaction survey conducted last year, we found that respondents were most likely to name security as their top priority for the upcoming year. In our continued effort to bring awareness to trending security topics and news, we will be issuing a security update on a monthly basis.

This update includes our security roundup, which looks at the best way to prepare for eventual cyber attacks. You'll also find data on trending security-related headlines, and some important notes on recent vendor patches.

We welcome all feedback as we strive to keep our community safe and secure.

 

Security Roundup: Cyber Security Incidents - Not If, but When

As I’m sure you’ve seen over the past few weeks, months, and even years, cyber attacks are all over the news and happening in businesses like yours every day. It is an unfortunate fact that the question is no longer if you’ll see an attack, but when it will take place and what the impact will be on your business.

The first question we often hear when discussing cyber security is “what can we do to prevent this?” Our answer is always the same: not all attacks can be prevented, but you can greatly reduce the impact and frequency of attacks by planning properly for the event and being ready for it when it occurs.

So how does one plan for a cyber attack? The first step is acknowledging that cyber security is real, and a necessary part of your business. Cyber security is not a one-time project, but a continuing process that is part of your IT and business plans.

Next, you should follow a set of best practices to constantly review and improve your security posture. We adopted the National Institute of Standards and Technology (NIST) Cybersecurity Framework and follow this method when consulting our clients. The NIST framework breaks the process down into five key areas:

  • Identify - What assets you have, and what data is most important
  • Protect - Tools and services used to protect your data and assets
  • Detect - Your ability to be notified of a security event
  • Respond - How you respond to a cyber incident
  • Recover - What you need to do to recover from an incident

Using this method, you can determine what areas you are currently doing well in and where you need to dedicate more time for improvement. 

You can find more information about the NIST framework and Lloyd’s security practice here.

 

World Headlines

In this section, we highlight articles referencing important and fascinating updates in security news.

  • We recently saw the release of “MacRansom,” a ransomware program that targets Macs. With the recent media focus on Windows-related attacks, hackers have started to shift their focus to Apple’s Mac operating systems. MacRansom popped up on the dark web as “Ransomware as a Service,” meaning anyone can download it for a price and distribute it. To avoid any accidental downloads of this ransomware, we recommend only downloading software from Apple’s App Store, and staying away from third-party websites where possible.
  • In addition to MacRansom, Mac users also saw a new spyware program called “MacSPY,” which is being touted as the most sophisticated Mac spyware ever. To name a few of its capabilities: when running on your machine, MacSPY will record all your keystrokes, capture your screen every 30 seconds, record your voice or any sound it hears near the computer, steal your browser data, and can acquire photos from iCloud accounts. If that wasn’t enough, it takes all computer data and encrypts it using Tor (a secure and anonymous browser). Luckily, the developers of this spyware didn’t take all the actions necessary to fully automate the process, so the install process still needs to happen, and most Mac operating systems will prompt the user about missing digitally signed certificates, which is an immediate red flag.

 

Lloyd Patch Watch

We want to give our community a "heads up" on some important updates involved in Lloyd's workstation and server patching process.

  • Adobe released patches for Flash and Shockwave in mid-June to address some remote-control exploits. Exploits of third-party applications are on the rise, and these applications should be set to auto-update where possible. This is just another example of how staying up to date on software patches can mitigate a potential attack.
  • Microsoft’s monthly patches this month addressed 92 vulnerabilities, with 17 tagged as critical. These patches were for Windows, Skype, SharePoint, Edge, Office, and Internet Explorer.

Thank you for reading our update! Please reach out with any comments, questions, or feedback.
