Our vaccine against the Kaseya megahack and other ransomware attacks

Huge ransomware attacks that shut down hundreds of organizations at once are, unfortunately, becoming more and more common. A recent vulnerability in the software of the American company Kaseya is just one example. Because IT companies use this software to remotely manage computer systems, hackers gained access to thousands of systems. As a consequence, entire supply chains are infected and victimized. About 59 million euros in ransom has to be paid.


Can CIOs, IT managers and IT architects still handle the defense themselves?

This is a valid question. We don’t think so and believe it’s better to leave this to security specialists and analysts, who work daily to identify potential vulnerabilities and threats. Not only for your own organization, but also for other organizations that work with you and can be dragged into a catastrophe. It prevents ransom payments by organizations that would be better off paying your invoices. Your choice to strategically invest in digital security therefore has positive consequences for the safety of others. That’s why we speak symbolically of “a vaccine” to counter such ransomware attacks.

We prefer CATO Networks when it comes to digital security

To keep your organization healthy, the security analysts at Cato Networks work tirelessly to identify, detect and mitigate potential vulnerabilities or exposure of customers to this threat. And they do it smartly and professionally. Let’s take Kaseya as an example:

Following the outbreak of the Kaseya megahack, a rapid forensic analysis of Cato customer profiles was performed and several customers were identified who are currently using Kaseya products. That is already an excellent starting point.

Kaseya megahack and forensic analysis

The preliminary analysis shows no evidence of infection in the Cato customer base. This is based on the published Indicators of Compromise (IOCs) related to the attack. IOCs are small pieces of forensic data found in system logs or files that identify potentially malicious activity on a system or network. For example, these indicators help detect malware infections, data leaks and other digital threats.

Threat Intelligence platform

Cato Networks uses a Threat Intelligence platform. This ensures that IOCs associated with the Kaseya attack are automatically blocked by their IPS. IPS stands for Intrusion Prevention System, a security device that monitors network and system activities for undesired behavior. This happens in real time, which means that attacks such as Kaseya are immediately blocked.

Recommendations

Cato Networks recommends that you continuously follow Kaseya’s advice. So do we. However, our advice is also to contact us without obligation for an “SD-WAN health check”. It may just be that you think you are digitally safe, but will soon be attacked because the current solution turned out to be too traditional. SASE/SD-WAN from Cato Networks is also extremely suitable as a replacement for MPLS.
