, ,

Three Things to do in Response to the Sandworm Threat to Windows Security

By

on

Executive Summary:

Earlier this week, Microsoft privately released a patch for a critical vulnerability affecting all modern versions of Windows.  Without this patch, a malicious file can download and execute other malware from the internet allowing complete control of the affected computer.

Technical Details:

This will likely be attacked through a phishing attack.  Upon opening, the attachment will attempt to exploit the vulnerability.  If successful, it can subsequently install any malware.  That malware could provide backdoor access to someone on the internet or, in the case of crypto ransomware, encrypt everything on the computer and hold it for ransom.

Three things you should do:

  • This is a good opportunity to remind your staff of the real threat that phishing attacks can present.  The best remedy is prevention.  If people do not click on malicious links, this malware can go nowhere.  Unfortunately, prevention is the hardest remedy to apply.

  • People will make mistakes.  If they do, they need to report the mistake as soon as possible. Having people report the mistake adds yet another layer of security to preventing further system compromise.

  • Additionally, check with your IT staff to ensure that your workstations will be patched for this vulnerability as quickly as possible.

Is Netgain affected by this?

The Netgain security team evaluated our possible exposure and immediately began applying the patch to our systems.  In the absence of this patch, our systems are protected by other layers of protection.  Application Whitelisting limits the ability for malware to execute on Netgain systems. AntiVirus will detect and delete known malware.  Our Intrusion Detection System will alert us to if any attacks are detected.  Finally, our weekly vulnerability scans will confirm the successful install of the patch.

If you have any questions, please contact our Security Officer, Charles Killmer, via email at Charles.Killmer@netgainhosting.com.