Wannacry Ransomware: What Apex customers need to know.

May 16, 2017
Michael O'Connell

Apex engineered networks rely on multiple layers of security to protect the critical data and systems that make up our customer networks. The different threat entry points, known as threat vectors, that the Wannacry virus uses are protected by different technologies. Each technology makes up layers in a multi-tiered approach to protecting your network.

 

It all starts with a well-trained end user. Viruses like Wannacry often deliver their payload by taking advantage of untrained users.  Make sure your end users are NOT clicking on email attachments or links that are from or to suspicious addresses. Even that isn’t foolproof as email addresses can be spoofed. Make sure users are reminded to think before they click.

Customers that subscribe to Apex’s Anti-SPAM and Anti-VIRUS services, e.g., with Barracuda SPAM firewalls or Barracuda Office 365 Essentials, are protected at the mail server level. These services are cloud hosted far outside the corporate network and will remove suspicious links and attachments BEFORE they reach the end-user.

Next is the corporate network firewall. Customers who have invested in the Advanced Threat Detection feature of the Apex managed firewall service or the Barracuda NG Firewall benefit from the malware and threat detection supplied with that service. Other firewalls may not have those sophisticated features but we’ve configured them to block attempts to connect on the ports that the Wannacry virus needs to propagate from other networks.

Apex’s Webroot anti-virus service is constantly deploying updates to virus signatures. Webroot has had a Wannacry definition in their arsenal since the outbreak started. If you are an Apex customer using Webroot from Apex, you are protected even if the virus makes it past the anti-SPAM server, the Firewall and your well trained end-user.

Finally, Apex’s patch management. Applying patches is risky business. OS patches modify files in the operating system that your applications need to run. One wrong patch can ruin your and your favorite Apex’ers day! We use various methods to assess the level and frequency of patches deployed at our customer sites. Patching is only one PART of the solution. Oftentimes, the patches come out AFTER the outbreak has been in the wild. Also, OS manufacturers don’t always patch things in timely manner. That’s why we rely on a multi-tiered approach.

 

If you are unsure about your organization’s level of protection and want to speak to an account manager. Please call 401.277.3000 or email me directly at moconnell@apextechgroup.com.

 

Michael O’Connell

Vice President, Client Services

The Apex Technology Group