VULNERABILITY DISCOVERED LEAVING COUNTLESS SMALL BUSINESSES AT RISK FOR CYBERATTACK
the United States Computer Emergency Readiness Team (US-CERT) released a report outlining and advanced persistent cybersecurity threat. This threat could potentially impact hundreds of thousands of small- to medium-sized businesses nationwide.
The threat has been made public under Alert TA18-276B (https://www.us-cert.gov/ncas/alerts/TA18-276B) and identifies how a number of legitimate tools used by IT companies have been compromised. According to the report, these hostile tactics, techniques, and procedures (TTPs) have been ongoing since May 2016, but many IT providers have not yet acted to mitigate the risk presented to their clients.
Since the compromised tools are most often used by Managed Services Providers (MSPs) - specialized IT companies that serve businesses who do not have their own IT department - this threat is most likely to impact smaller businesses. The threat is compounded when one considers the widespread belief that smaller businesses are less likely to be targeted by cybercriminals or foreign threat agents. This belief is false however, as reports show that 60% of small businesses are hacked each year (https://www.inc.com/kevin-kerridge/not-just-equifax-60-percent-of-small-businesses-get-hacked-each-year-heres-how-to-fight-back.html).
Wednesday's report from US-CERT outlines the technical aspects of this threat, as well as its potential impacts on business owners and end users:
"A successful network intrusion can have severe impacts to the affected organization, particularly if the compromise becomes public. Possible impacts include
* Temporary or permanent loss of sensitive or proprietary information,
* Disruption to regular operations,
* Financial losses to restore systems and files, and
* Potential harm to the organization's reputation."
Addressing this Threat
The threat actors outlined in the report cannot be stopped short by passive methods such as anti-virus software or firewalls, as many of the legitimate tools that have been compromised by hackers are built to bypass these defenses.
For this reason, US-CERT's recommendations for mitigation and remediation include active monitoring and planned incident response. Simply put, it's impossible to stop these threats without an actual human watching logs for suspicious activity, investigating the activity, and putting a stop to it.
This brings another challenge to both the MSP IT providers and their clients - most service providers and small businesses simply don't have the resources to provide around-the-clock monitoring of networks and data. Such high-level cybersecurity requires an advanced Security Operations Center (SOC), numerous tools, specialized training, and a great deal of planning - not to mention the payroll requirements of keeping the SOC staffed 24/7, all year long.
Businesses (and IT providers) who do not have the resources to follow this path have another option. Just as there are specialized IT providers servicing businesses who cannot justify the cost of an in-house IT department, there are cybersecurity firms who provide 24/7 monitoring and response to those who cannot justify the immense cost of creating and running their own SOC.
One such cybersecurity company, Vijilan Security, operates out of Fort Lauderdale, Florida. Their Security Operations Center is staffed with specialists monitoring their clients' networks for suspicious activity around the clock. Among the numerous threats they are looking out for are those outlined in Alert TA18-276B.
Please contact Vijilan CEO Kevin Nejad for quotes or expert opinion this story.
ABOUT VIJILAN SECURITY
Under the direction of CEO and Founder Kevin Nejad, this Fort Lauderdale-based cybersecurity firm operates within a rigorous set of guiding principles:
* By keeping their focus on cybersecurity, Vijilan does not compromise the value of its core offering by adding unnecessary "bundled" services or deviating from their specialization.
* Vijilan champions the growth of their clients by providing competitive solutions that create new revenue opportunities for MSPs.
* Vijilan boasts excellent client retention by striving to provide the best user experience and customer service in the industry.
* Clients and end-users can rely on 100% US-based support from Vijilan's SOC in Fort Lauderdale, Florida.
Press Release Contact
CEO, Vijilan Security
CEO, Vijilan Security