Security Notification

By Andrey Sherman|06 February 2018

Security Notification

We would like to take a few minutes of your time to address some recent ransomware attacks, discuss best security practices, and let you know how Xvand protects your data against these and other security vulnerabilities.

Ransomware Attacks

Ransomware attacks typically originate from an external source, such as an email message or a link. Once clicked or otherwise activated, a malicious mechanism steals any data accessible on the target machine and encrypts or otherwise manipulates it. These attacks are designed to affect local and accessible network data, so everybody on the same local network is potentially at risk. Ransomware changes individual file structure so that it is unreadable to the user affected and holds it hostage until a ransom is paid. Obviously, it’s not that simple – even though paying the required amount of Bitcoin ( digital currency ) may grant immediate access to infected data it does not remove the underlying virus. Also, the payment of a ransom may still not unlock your data, and if it does that data’s integrity is now suspect.

What makes WannaCry unique?

The ransomware attack that is the center of attention right now is known as WannaCry. It uses what is referred to as a 0-day exploit to compromise many systems around the world. A 0-day attack is one where vulnerability is not known until the attack starts. When the attack is launched, the program starts encrypting data, making it unusable and demanding a ransom to unlock the data potentially.

The ransomware attack that is the center of attention right now is known as WannaCry. It uses what is referred to as a 0-day exploit to compromise many systems around the world. A 0-day attack is one where vulnerability is not known until the attack starts. When the attack is launched, the program starts encrypting data, making it unusable and demanding a ransom to unlock the data potentially.

This is one of the reasons why Xvand adheres to Microsoft’s development lifecycles and retires older systems when official support has ended. Furthermore, we encourage our clients to do the same with their local devices and can assist in this process.

What Xvand does to protect your data:

Your environment at Xvand is secured by several layers of protection from sophisticated 2-step email filtering system to comprehensive network traffic analysis (firewall) in Xvand sessions, as well as at our managed office locations, and ultimately a complete denial of software execution within our system to stop anything that could attempt to get through. This particular attack spreads through Windows file sharing protocols (SMB), which is closed off to our system from end user computers, so even if a local machine gets infected, it cannot spread into your file repositories within Xvand.

Tips to Avoid Getting / Spreading These Viruses

Xvand’s Recommendations:

  • Always call or email Xvand helpdesk if you need help telling a legitimate email, link, software, etc. apart from a fake one before you open it.
  • If you already have ransomware of any type or suspect your PC is infected, shut it down, then call Xvand to schedule a technician to investigate the issue

Microsoft’s General Guidelines:

  • Be careful not to click on harmful links in your emails.
  • Be wary of visiting unsafe or unreliable sites.
  • Never click on a link that you do not trust on a web page or give access to Facebook or messaging applications such as WhatsApp and other applications.
  • If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
  • Keep your files backed up regularly and periodically.
  • Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
  • Use antivirus and always make sure to have the latest update.
  • Make sure your Windows has the latest update.

Additional Services Xvand offers to help prevent cyberattacks:

  • Xvand managed network: We offer this per office location, it includes our centralized firewall service to filter web traffic outside of session. Service also includes all network equipment and any associated setup and troubleshooting work.
  • Xvand local workstation management: This feature is in its final stages of development and will be introduced soon. It will take care of adjusting local workstation settings to mitigate potential attacks and take care of routine maintenance items such as updates on a predefined schedule.

If you would like to inquire further about anything we have covered here, please contact the Helpdesk at your convenience.

Xvand Logo
11333 Chimney Rock Rd. | Houston, Texas 77035
Office: (832) 204 - 4900

Contact Us!