Kazmarek

Free Site Analysis 1-858-952-5400
REMOTE ASSISTANCE
  • Home
  • OnGoing Management
  • IT Services
    • Microsoft 365, Exchange Services, and Consulting
    • Cloud Solutions
    • Virtualization
    • Mobility
    • Backup & Disaster Recovery
    • Server Installation/Migration
    • VoIP
    • Network & System Administration
    • Additional Solutions
  • Why Kazmarek
    • Case Studies
    • Testimonials
    • KTS Values
  • For Clients
    • O365 Log In
    • Client Portal
    • KTS Documents
    • SonicWALL VPN Client
  • News
    • Newsletters
  • Who We Are
    • Company
    • Team
    • KTS E-Award Winners
    • KTS Values
    • Charities We Support
  • Contact Us
    • Contact Us
    • Careers

Issue No. 119July 2022

Learning from the SHI International Malware Attack

Over the 4th of July weekend, SHI International, one of the world’s largest IT service providers, experienced what the company has termed a ‘professional and coordinated’ malware attack. As of this writing, the company is still working to restore connectivity to its systems and infrastructure so that they can service their 15,000 customers. SHI has brought in federal law enforcement and forensic investigators to continue their cleanup process, but do not believe that any sensitive customer data was compromised or exfiltrated as part of the hack.

No matter the vector of the SHI attack, the reverberations of a cyberattack of this size and scope will be felt for some time. Although the company appears to be taking the correct steps to mitigate the situation and assuage their customer’s concerns, attacks of this nature highlight just how vulnerable any business can be to a cyber or ransomware attack. Additionally, SHI’s posture in addressing the attack (engaging with law enforcement and a forensic IT team) show the seriousness of an attack of this nature, and how it can bring even a large enterprise to its knees temporarily.

What does this mean for organizations solidly in the SMB space? Many businesses ascribe to what is termed ‘security through obscurity.’ Essentially, the idea is that they don’t need to worry as much about securing their infrastructure as a large organization, as they are not a target for cyber-criminals. Attacks like the one that SHI is still attempting to mitigate show in stark relief the wrong-headedness of this belief. Although SHI is a large organization solidly in the enterprise space, their client base is not. An IT provider like SHI potentially has hooks into a huge number of small businesses, each that must in turn be worried about their level of exposure, especially since SHI is still trying to determine the breadth of the attack they experienced.

The idea that the security of your business’ critical systems and infrastructure could be compromised because of a breach at a trusted vendor is likely horrifying to many reading this. Unfortunately it is also increasingly the norm. Attackers look for any exploitable inroad into a company they’re looking to exploit. As security has increased in the enterprise space, attackers are typically unable to breach a network using any type of ‘brute force’ method. Instead, they usually rely on an exploit of some kind. This might be an employee who’s system is vulnerable, an unpatched Operating System on a computer inside the work, or a longstanding vendor relationship. Depending on the nature of the vendor, the level of access they have to mission critical systems makes an obvious choice for an attacker looking to collect a ransom payment, gather exploitable credentials, or valuable personal data about a company’s clients.

To mitigate attacks of this nature, it is important to take a multi-layered approach to security. Having a business-class firewall is a good first step, that should also be layered on with a robust antivirus/EDR (Endpoint Detection and Remediation) solution, email filtering, staff training, etc. Securing your business is truly a moving target, and business leaders must continue to educate and innovate to stay one step ahead of attackers. If you have any concerns about the security posture of your business, consult an IT professional.

Written by KTS Operations Manager, Tristan Collopy

Testimonials

Testimonials

“We’re building a solid IT foundation to be able to go where we need to be for growth and success. I couldn’t be more pleased with KTS’s performance and progress on our IT Projects.”

Shawn Ellis, CFO Custom Logos

Testimonials

“Both company email migrations have were completed without a problem. Thanks to your team both transitions went smooth.Everyone with your group are both knowledgeable and professional, and you should be proud of the organization you are building.”

John Sonnen, IT & Security Director Child Safety Network

Testimonials

“We have been using KTS for our IT support for about a year now, and we are very pleased with the service we have received. Chris has been our first line person, and has been able to resolve issues quickly, and often remotely, which helps reduce costs. Our staff has really appreciated his fast response and resolution to the issues that have come up. We have also appreciated that there are other folks at KTS who can fill in if Chris is out. Thanks to all!”

Suzy Halleland, Executive Administrator Village Church

Testimonials

“I think you know we have been very happy with your service and are very grateful to have been referred to you guys. But on a more personal note, I want you to know that Kevin in your office has provided a service for us that is way over the top.”

Jeff Golumbuk, CEO Custom Logos

Testimonials

“I just wanted to thank you and your staff for the excellent service and work provided by KTS.  It has been night and day compared to our old third party IT consultant.”
Nick Walters, VP Project Management West Coast General Corp.

Testimonials

“I wanted to let you know that I am absolutely delighted with the service we have received from you and your team so far. I know we put you in a tough position with such short notice of having to jump in and take over, and we really appreciated that. But there are many other reasons as well. First, I’m so glad they discovered the hard drive problem right away, as that could have caused us a huge issue as you well know. Second, everyone that I’ve had the pleasure to work wi… Read more
Jo Barsa, CPA Barsa & Company

Testimonials

“Kazmarek is fantastic!  I’ve used every size of IT company over the past 20 years and Kazmarek is by far superior to all I’ve used.  We are extremely happy with their service and expertise.  One of the things I like most about them is that they have engineers available to respond to our prioritized needs but they also wanted to give us the best customer service possible so they went above and beyond and put in place an escalation plan so that if I feel the response time i… Read more
Marisa Janine-Page, Partner Caldarelli Hejmanowski Page & Leer LLP

Testimonials

“I have thoroughly enjoyed working with the Kazmarek team through the years! They are responsive and have a great team to work with, whether it’s day-to-day IT needs or special projects. ”
KC Martin, HR Director Full Swing Golf

Testimonials

“As a local San Diego business, we were looking to partner with another local business after our IT needs just weren’t being met with a nationwide provider. We could not be happier with our decision since KTS has been very swift, attentive, and collaborative with our IT needs over the past three years. Their engineers, support desk, and managers are patient and able to effectively communicate issues and solutions to a layperson which speaks volumes about their hiring and customer… Read more
Carrie Lamb, Project Manager Chuao Chocolatier

When Was Your Last Backup?

When Was Your Last Backup?

If you don’t know, you’re not alone.
Find out more

Join Our Newsletter

Join Our Newsletter

Free On-Site Analysis

Free On-Site Analysis

Contact us to receive a 1-hour complimentary evaluation.
Learn more here.
  • This field is for validation purposes and should be left unchanged.

Copyrights: © 2023 Kazmarek. All rights reserved.

Designed by TinyFrog & N Halie Designs