Kazmarek


Newsletter – July 2022

February 22, 2023 by Propeller Marketing

Issue No. 119, July 2022

Learning from the SHI International Malware Attack

Over the 4th of July weekend, SHI International, one of the world’s largest IT service providers, experienced what the company has termed a ‘professional and coordinated’ malware attack. As of this writing, the company is still working to restore connectivity to its systems and infrastructure so that it can service its 15,000 customers. SHI has brought in federal law enforcement and forensic investigators to continue its cleanup process, but does not believe that any sensitive customer data was compromised or exfiltrated as part of the hack.

No matter the vector of the SHI attack, the reverberations of a cyberattack of this size and scope will be felt for some time. Although the company appears to be taking the correct steps to mitigate the situation and assuage its customers’ concerns, attacks of this nature highlight just how vulnerable any business can be to a cyber or ransomware attack. Additionally, SHI’s posture in addressing the attack (engaging with law enforcement and a forensic IT team) shows the seriousness of an attack of this nature, and how it can temporarily bring even a large enterprise to its knees.

What does this mean for organizations solidly in the SMB space? Many businesses subscribe to what is termed ‘security through obscurity.’ Essentially, the idea is that they don’t need to worry as much about securing their infrastructure as a large organization does, because they are not a target for cyber-criminals. Attacks like the one that SHI is still attempting to mitigate show in stark relief the wrong-headedness of this belief. Although SHI is a large organization solidly in the enterprise space, its client base is not. An IT provider like SHI potentially has hooks into a huge number of small businesses, each of which must in turn be worried about its level of exposure, especially since SHI is still trying to determine the breadth of the attack it experienced.

The idea that the security of your business’ critical systems and infrastructure could be compromised because of a breach at a trusted vendor is likely horrifying to many reading this. Unfortunately, it is also increasingly the norm. Attackers look for any exploitable inroad into a company they’re looking to exploit. As security has increased in the enterprise space, attackers are typically unable to breach a network using any type of ‘brute force’ method. Instead, they usually rely on an exploit of some kind. This might be an employee whose system is vulnerable, an unpatched operating system on a computer inside the network, or a longstanding vendor relationship. Depending on the nature of the vendor, the level of access they have to mission-critical systems makes them an obvious choice for an attacker looking to collect a ransom payment, gather exploitable credentials, or obtain valuable personal data about a company’s clients.

To mitigate attacks of this nature, it is important to take a multi-layered approach to security. Having a business-class firewall is a good first step, which should then be layered with a robust antivirus/EDR (Endpoint Detection and Remediation) solution, email filtering, staff training, etc. Securing your business is truly a moving target, and business leaders must continue to educate and innovate to stay one step ahead of attackers. If you have any concerns about the security posture of your business, consult an IT professional.

Written by KTS Operations Manager, Tristan Collopy
