No doubt you’ve read the recent news that NHS services across England have been hit by a large-scale cyberattack and they have elected to protect their IT systems by shutting them down as a precaution.
One point to note from this is that the attack was not specifically targeted at the NHS and is affecting organisations across a range of sectors. The ransomware spread is agnostic – it is not bothered by size or value (the ransom request itself is only reported to be £230), small businesses to large enterprises are being hit. It is widely reported that over 100 countries have been hit by the “WannaCry” ransomware.
It has become apparent that the attack was started by exploiting a vulnerability in a software and then, in turn, a dial back being started to the killswitch domain, which encrypted the target endpoint… this has been replicated thousands of times globally. The technology behind the attack is nothing special in the scheme of how second generation malware has moved on in recent years, this is a relatively straightforward attack. It is a very worrying state of affairs that so much damage has been caused.
What SMBs need to understand is that they do not have the recourses to be able to deal with attacks like this, in the same way, the NHS does… They don’t have unlimited funds to throw at a resolution or deal with the inconvenience. An attack like this could ruin an SMB.
Brigantia partners with only best in class vendors, we have a strong specialism in cybersecurity (www.brigantia.com/vendors). One of our best in class vendors could and should have protected you.
Heimdal Security CORP – the cyberthreat security suite with 5 key layers which ensures proactive protection against cyberattack.
Patching of vulnerabilities
Heimdal automatically and silently patches software vulnerabilities, on a key performance indicator of 4 hours. No manual intervention is required, it is simply set and forget.
- 46% of IT decision makers mentioned hardware or software vulnerabilities as one of the most important internal security challenges they face.
- According to Homeland Security’s cyber-emergency unit, US-CERT, as many as 85% of all targeted attacks can be prevented by applying a security patch.
Blocking Internet traffic used to deliver attacks
Heimdal Security blocks malicious internet traffic that carries malware and blocks redirects. Any website can become infected due to a targeted attack or simple mismanagement. Heimdal Security prevents infection by filtering HTTP/HTTPS and DNS level traffic. One of very few that have the skills to work at DNS level.
Blocking and removing malware communication when penetration occurs
When infected, Heimdal stops the malware from communicating between the endpoint and the cyber criminal’s infrastructure (malicious websites, Control & Command servers). 91.3% of ransomware dials back for its encryption key via DNS traffic. Heimdal filters DNS level traffic and blocks these malicious dial backs. As such the encryption key cannot execute and encrypt the endpoint. The killswitch domain used in the “WannaCry” attack is blocked by Heimdal Security. It would have prevented encryption from ever happening.
For more information on Heimdal or to request a free 30-day trial email partnersupport@brigantia.com, contact your account manager or call 020 3358 0090.