I really hate hearing from customers and prospective customers that we were right and that they wish they had taken our advice to harden their systems and implement tighter security controls before their breach. Feedback from customers suggests the inconvenience of implementing additional controls is often what keeps them from taking action as opposed to the cost, which is negligible for some of the most effective controls like Multi-Factor Authentication (MFA). If you think the controls are inconvenient, you should spend some time visiting with someone who has been through a breach.

The most likely cyber-attack a small business will experience is an email breach which quickly lead to real payment fraud losses, reputational damage, and compliance risk. Once a criminal organization (yes, there are organizations attacking your small business) has success breaching one email account, you can expect the attacks to increase in volume and sophistication. Businesses can dramatically reduce email breach risk with relatively little cost and yes, some minor inconvenience.

Take the Next Steps

If you own a business or have are responsible for managing business risk, you need to take steps to protect your business, your shareholders, your employees, your vendors, and most importantly your customers. You must take action to implement additional controls. Start by asking your IT professionals to implement controls for yourself so you can understand first-hand how the controls protect your business and the level of inconvenience the controls may cause. This puts you in the best position possible to make informed decisions about how to protect your business and champion initiatives to tighten controls.

If you’ve done nothing to date, start with implementing MFA for your business email and then work with an IT professional to constantly review and improve security controls around all your systems and data.

I’m right and I hope I never have to tell you “I told you so”.

Your business is vulnerable to cyber criminals, period.

The truth is that no business is fully “secure”. Rather, businesses assume various amounts of acceptable risk. Your responsibility is to figure out where your organization lies on the security spectrum, how much cyber risk you are willing to comfortably assume, and continually act to reduce your risk to those levels.

We understand that most businesses, especially SMB’s, can’t and won’t do everything their IT provider may recommend. This is true for a myriad of reasons including operational efficiency, timing, focus on your core business, and of course budget considerations. We also believe that most businesses do not realize the amount of risk which they current assume. If you did, you would likely already be doing more!

To this end, Go West IT has developed our “Top Ten Task to Mitigate Cyber Risk”

Review your security posture with your current IT provider and discuss how to implement the next best thing you can do to reduce your risk (HINT: If you’ve done nothing to date, start with backups, patching, and multi-factor authentication). If you need help please give us a shout, our experts will help you recognize, plan, and take the steps to mitigate your risk.

Understand where you are today… know where you want to be tomorrow… build the roadmap to get you there. You can reduce your risk, get started today!

David Lewien
President, Go West IT

Download the PDF: Top Ten Tasks to Mitigate Cyber Risk
303-795-2200
info@gowestit.com
www.gowestit.com

Go West is providing this security alert as a cautionary measure for users with a consumer grade router or network attached storage device at their home or small business.  Due to a recent malware attack known as VPNFilter, the FBI and US-CERT are encouraging users with home devices from Linksys, MikroTik, NetGear, TP-Link and QNAP to reboot the device.  Users should also ensure device firmware is up-to-date and change passwords on these devices.

What Is It
VPNFilter targets small home and office routers and network attached storage devices.  Once infected, the device allows criminals the ability to launch further attacks, collect personal website information, block network traffic, or they can render the device completely unusable.

Official US-CERT alert statement: https://www.us-cert.gov/ncas/alerts/TA18-145A

Manufacturers LinksysMikroTikNetgearQNAP and TP-Link have posted instructions for users to follow to update their device software.

How Does It Impact Me
There is very little risk associated with this malware attack for commercial organizations utilizing business grade devices.  However, it is vital that organizations be aware of the vulnerability for remote users connecting from a home office.  Those users are more likely to be using a consumer grade router and should follow the recommended procedures.

If you have concerns or questions regarding a potential consumer grade router at your business please reach out to Go West support at support@gowestit.com.

I recall a time when IT professionals adopted the “if it’s not broken, don’t fix it” approach to patching. To be sure, there was a time when patching firmware and software might have introduced more problems. That time is long gone. Aggressive patching is the new normal. Gone too are the days when a diligent IT person might go around to all the computers, servers, firewalls, switches, and other network attached devices and get them patched. That manual approach is no longer feasible and adhering to a manual patching plan is foolish. The nature of the modern cybersecurity landscape requires a platform which identifies patches that are needed, facilitates automated patching, and provides reporting & alerting to uncover anomalies.

Look no further than the Intel chip security vulnerabilities (Meltdown & Spectre) publicized this first week of 2018 for evidence of this new norm. When Operating System patches are released to mitigate this newly divulged flaw it will be critical that the patches are applied as quickly as possible.

Go West IT offers managed service plans that utilize state of the art remote monitoring and management platforms designed to keep systems updated and rapidly apply patches when new vulnerabilities are divulged. Stand on our shoulders and use the systems we have already built to keep your business ahead of the curve. Please contact us today at 303.795.2200 or info@gowestit.com.

David Lewien – President

A new and aggressive ransomware using a variant malicious code known as “Petya” is spreading at an alarming rate.

Petya comes on the heals of WannaCry just a few weeks ago and is getting a great deal of publicity because of the rate of infections and the well known victims. Petya is a very serious threat.  The frequency and velocity of these types of attacks will continue to increase.

Risk mitigation actions include the following:

1.  Patch, patch, patch… Patch all applications (OS, Adobe, Java, Flash, Mac), not just Windows Operating Systems.
2. Implement a solid backup solution (including offsite backups) for critical data so you can recover quickly from ransomware without paying a ransom.
3. Use a good business class firewall that scans for viruses and intrusion attempts.  Go West uses and recommends FortiGate firewalls.  FortiGate firewalls with UTM features enabled are helping to mitigate this particular threat.
4. Use good business class antivirus software on all of your devices.
5. Train yourselves and your people how to identify phishing emails.  Go West recommends and resells KnowBe4 phishing testing and security training for this purpose.
6. Employ a third-party email filter to scan inbound and outbound email.

Open RDP (Terminal Server) access is particularly vulnerable to this threat.  RDP access should be restricted to VPN and/or SSL gateway connections only.

Go West IT customers using our Go Proactive and Go Comprehensive managed services benefit from routine Microsoft and third party application (e.g., Adobe, Java, Flash) patching, managed antivirus, and managed backups to mitigate the current Petya threat and those that will follow.

If you are a Go West IT customer and are not yet using our Go Proactive or Go Comprehensive managed services we strongly recommend engaging Go West in this regard to help protect from this particular threat and those that will follow.

Please visit our website and click on Solutions, the Cybersecurity to watch a short video for more information on how tot protect you and your business from cyber threats.

Via WordPress.org: “WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.  This presents significant reputational, regulatory, and possibly operational risk to companies that conduct business on WordPress sites.  Websites sites should be updated to the latest version, 4.0.1, as soon as possible.”

Go West IT recommends that you contact your website developer to perform this upgrade, as it may also require that numerous plugins are simultaneously updated to maintain functionality.  If you do not have a web developer please feel free to contact Go West IT for guidance.