Barracuda

Reclaim Your Network

You are here: Home / Archives for Barracuda

Time to Turn SMB Herd Mentality into a Mutual Defense Strategy

by Leave a Comment

When it comes to IT security most small-to-medium (SMB) businesses have a herd mentality. They know there are predators. They just assume that given the size of the SMB they figure that the odds are good some company other than them will fall victim. What that thinking fails to account for is how efficient the predators are becoming at hunting.

A new report from Malwarebytes, a provider of malware removal tools, published this week makes plain the size and scope of the problem. The report finds that amount of malware being discovered with SMB organizations in the U.S. with fewer than 1,000 employees from the first quarter of 2016 to the same period in 2017 has increased a startling 165 percent. Even accounting for the fact that organizations might be getting better at discovering malware, that increase in volume suggests that either there are a lot more predators or they have become much more efficient in terms of launching attacks. The truth is a little bit of both. Cyber criminals have developed an elaborate marketplace through which they sell and share exploits. That makes it simpler for cyber criminals with limited skills to employ malware. At the same time, cybercriminals are taking advantage of bots and adware to spread malware more broadly than ever.

[Read more…]

Wannacry, Erebus, and Mole make it a big week for ransomware

by Leave a Comment

There’s so much going on with ransomware that we can’t stick to just one topic.  This week we’ll take a look at three interesting attacks that occurred around the world. 



Let’s start with Wannacry, which is probably the most famous ransomware in history.  Last time we talked about this ransomware, it was in full attack mode around the globe.  Eventually, this attack settled into an ebb and flow pattern, on a much smaller scale.  The news around Wannacry had slowed to a trickle until Monday, when attackers were able to successfully use the ransomware against Honda networks in North America, Japan, Europe, and China.

In response to this attack, Honda stopped operations at its Sayama plant, which manufactures about 1,000 vehicles per day.  Sayama operations were back online by Tuesday, and no other facilities were impacted by the ransomware.  Honda did make an extra effort to secure its systems during the May attack and gave no details on how the ransomware made its way into the systems this week. 

[Read more…]

Barracuda Cloud Research Confirms Growing Usage and Remaining Security Concerns

by Leave a Comment

Today Barracuda published the white paper titled “Unlocking the Benefits of Public Cloud,” that takes a deep look into the usage, benefits, challenges, and security trends that organizations are experiencing around the public cloud. The research was conducted alongside tech research firm Vanson Bourne, with the survey results including responses from 1300 organizations in various regions around the world including the Americas, Europe, Middle East, Africa, and Asia. The full report offers detailed information about cloud usage data, confirms outlook, and discusses some of the main security concerns organizations have around the public cloud.   [Read more…]

Ransomware and K-12 – Threats and Solutions: Training and Awareness

by Leave a Comment

*Note: This is the first post in a multi-part blog series that addresses ransomware threats and solutions in K-12 environments.

In February of 2016, South Carolina’s Horry County School District had no choice but to pay a $10,000 ransom to unlock critical data and systems following a ransomware attack. But, could the attack have been prevented — or perhaps after the school district was attacked, could they have avoided paying the ransom?

It’s no secret that we’re right in the middle of a ransomware epidemic, where the example here of Horry County having to pay to unlock critical files has become far too common. But what if Horry County’s users were more aware of how to detect possible threats like ransomware? Would the outcome have been different? Let’s take a look at why proactive user training and awareness can help keep students and faculty stay safe from cyber threats. 

[Read more…]

Are You Cloud Ready? Q & A – Does Your Cloud Provider Recommend the Solution?

by Leave a Comment

Note: This is the fifth and final post in a multi-part blog series on Cloud Ready security questions. You can follow the entire Security Questions series here, and follow the Barracuda Cloud Ready blog here.

In this final edition of our Cloud Ready blog series, we take a look at why it’s important to know if your current security vendor’s solution is recommended by the cloud provider that you’ll be using. This might seem like an obvious step to take, however, too many vendors place claims about being prepared to secure cloud workloads yet complications arise once you’re already too invested. So, let’s talk about it as we address our final question from the list:

10. Does your public cloud vendor recommend the solution?  

Amazon’s EC2 might be a decade old, but the cloud remains a nascent, rapidly growing, and evolving entity. Customers are also beginning to look at the different cloud providers from the standpoint of traditional strengths and weaknesses, regardless of how valid those comparisons may be in today’s multi-cloud world.

[Read more…]

Top Security Technologies for 2017 Put Too Much Strain on the IT Budget

by Leave a Comment

 At the Gartner Security and Risk Management Summit 2017 conference held this week, Gartner unfurled what it describes as the top security technologies IT organizations should be employing in 2017. They include:

  • Cloud Workload Protection Platforms: Hybrid cloud workload protection platforms (CWPP) that provide an integrated way to protect workloads via a single management console as well as a single way to express security policy, regardless of where the workload runs.
  • Remote Browser: By isolating the browsing function, Gartner says malware is kept off the end-user system. That, in turn, reduces the surface area for attack by shifting the risk of attack to the server sessions, which can be reset to a known good state on every new browsing session, tab opened or URL accessed.
  • Deception: Deception technologies are defined by Gartner as the use of deceits, decoys and/or tricks designed to thwart, or throw off, an attacker’s cognitive processes, disrupt an attacker’s automation tools, delay an attacker’s activities or detect an attack. By using deception technology behind the enterprise firewall, enterprises can better detect attackers that have penetrated their defenses with a high level of confidence in the events detected. Gartner says deception technology implementations now span multiple layers within the stack, including endpoint, network, application, and data.

[Read more…]

What can we learn from the UCL ransomware attack?

by Leave a Comment

Just in time for our Thursday ransomware post, news breaks that University College London has been hit by a ransomware attack that brought down the UCL student management system as well as shared network drives.  Some of the closely related University College London Hospitals have also shut down their email systems to quarantine themselves from attack.  There are no reports of the hospital group being affected by the ransomware other than this preventative downtime.

What do we know?

The particular ransomware strain is unknown, as is the infection method.  UCL initially believed that the ransomware attack was launched through a phishing attack on Wednesday afternoon (BST).  Phishing is one of the most common methods of ransomware deployment.  According to a recent report by PhishMe, the number of phishing emails hit 6.3 million in the first quarter of this year, and 93% of them included ransomware.

Put simply; a phishing attack is an email designed to trick the recipient into taking a particular action.  The action may be to enter credentials into a form, visit a compromised website, or open a malicious attachment.  Attackers research their targets and craft their email attack based on what they learn.  A more sophisticated version of this is a spear phishing attack.  Spear phishing is more personal and has a higher success rate.  There aren’t enough details about the UCL attack to know what kind of phishing may have been used to deploy the ransomware. 

[Read more…]

Barracuda

Resources


Websites

Contact Us

Follow Us