Google+
Select Page

WannaCry Did Not Make Me Want to Cry

CATS WannaCry

THE INTERNET IS DYING! ALL DATA IS BEING DESTROYED! HERE COMES THE NETWORK APOCALYPSE!

If you’ve been paying attention to the news over the last week, the above thoughts may have either crossed your mind or have been implied by the media. This is due to the recent reported events regarding the dangerous spreading of a new strain of ransomware titled WannaCrypt which has been given the common nickname of WannaCry. In my line of work, it is situations like these that bring on some of the most stress inducing days. But here at CATS and within my role specifically, it’s my job to take on that stress on behalf of you, our clients, so that each of you can continue with the important task of running your business. You shouldn’t need to worry about things like WannaCry and I’m here to tell you that you do not need to. I’m sure that the last thing you want to see is yet another boring press release or bulletin from some faceless representative at an unreachable entity about this topic so I’m here to simply give you the facts that you should need and want sprinkled in with some good ol’ human charm.

My name is Eric Tate and I am the Director of Technology here at CATS Technology. Allow me to take you on a journey for a moment.

To our existing clients, I hope that this post shows you how much we at CATS care about each and every one of you. You’re the shine on our apple and we look forward to providing you with the highest quality of IT support available for a long time to come. If you’re not an existing customer, feel free to reach out to our sales department at Sales@CATSTechnology.com or (732) 204-7100 option 3 to learn about the many ways that CATS can take the stress out of your IT operations.

Let’s start our WannaCry journey by hitting the rewind button and going back to last Sunday. This wasn’t just any Sunday. Mother’s Day was upon us! As the father of the most amazing nearly-two-year old girl I have ever had the honor of knowing and having the privilege of getting to raise her side-by-side with my lovely wife, this was a day filled with plans and surprises. As news about WannaCry began spreading through the media over the course of the weekend, my cell phone’s battery was getting a great workout as the calls, texts, and emails began flowing in from colleagues, friends, and family all getting worried about how this may affect them. Considering my day was already filled with the stress of giving my family a wonderful day, the last thing that I wanted was additional stress put on top. But thanks to the confidence I have in our team at CATS Technology and the power of our CATS Guardian system, I was able to continue through the day free of any stress caused by WannaCry!

Here’s the reality: Your systems are going to be fine!

Let’s quickly get through the technical background of WannaCry with the help of everyone’s friend, Wikipedia. The ransomware attack began one week ago today on May 12th, 2017 and spread to over 230,000 computers in over 150 countries. The bulk of the infections occurred in foreign countries. WannaCry utilizes an exploit titled EternalBlue which was developed by the NSA which had been released by a hacker group known as The Shadow Brokers. The vulnerability makes use of an exploit in the SMB protocol found in Microsoft Windows based systems. Back on March 14th, 2017, Microsoft released a critical patch for Windows systems that were still under active support which closed the exploit used and rendered WannaCry useless. The patches released were included in Microsoft’s cumulative security update that was released in March. Then, in an unprecedented action, Microsoft also released a patch for the vulnerability this week that closes it on no-longer-supported versions of the Windows operating system such as Windows XP and Server 2003. All of the mentioned updates continue to be covered via Microsoft’s monthly cumulative security updates.

So if Microsoft already patched the vulnerability, why is everyone making such a big deal about this? Well, one could say it’s because it draws income to those media outlets. But in addition, we unfortunately live in a world where many people and companies do not keep their computer systems patched up to date with the latest security patches. In addition, Microsoft Windows piracy is unfortunately quite common. Those pirated copies cannot always check-in with Microsoft to receive those patches. These two situations then result in countless amount of computer systems still remaining vulnerable to this day and the spreading of WannaCry that comes along with it.

If you’re a CATS Ultimate Care subscriber though, you don’t need to worry! We proactively keep your systems patched up to date and make sure that your systems are safe. We utilize multiple layers of security to protect you. So let’s peel back the curtain a little bit and take a look at our internal numbers and methods of keeping you secure.

At CATS Technology, all servers and workstations that we manage and protect are loaded into our internal management system that we call CATS Guardian. You’ve probably noticed the little blue T icon in your taskbar which represents our CATS Guardian system’s connection. Throughout the week, I ran custom reports against all of our managed servers and workstations to pull information pertaining to their Windows patch status. As of this past Wednesday, more than 99% of our managed computers had already received the patches provided in March’s cumulative security update. To be exact, only 13 computers were missing it. Even with that percentage being as tiny as it is, it still wasn’t good enough for me. I reviewed the thirteen machines in question so that I can have an understanding as to why they may not have been received the patches and found understandable reasons.

* Two are servers currently in development for a client project that is on hold and is currently pending the patching phase. The servers are sandboxed in a development lab and are not yet in production.
* One is an old CATS laptop that has not been used in months and is currently collecting dust.
* One is a client laptop that was archived by the client for data retention in the early part of this year and has not been powered on since.
* The other nine machines are miscellaneous client workstations that have not been online to receive the patch in multiple months.

Because every machine counts, we are currently working with the clients in possession of the last remaining unpatched machines so that we can complete the installation on them.

Happily absent from that less than 1% of vulnerable machines are all servers in production for our clients. This is thanks to the wonderful hard work of our CATS team and the CATS Guardian system.

By the way, if you’re already using Microsoft Windows 10, then you have nothing to worry about anyways. The vulnerability never existed within it.

In addition, because we care about each and every one of you, I utilized our CATS Guardian system to proactively mass-deploy the latest May cumulative security update to all of our managed Windows computers that hadn’t received it yet even if your monthly patching date is normally at the end of the month. In addition, my mass-deploy included all managed computers, not just ones covered for monthly patching by our CATS Ultimate Care proactive services. This is because we care about all of you especially in these confusing times. If you’re not currently an Ultimate Care subscriber and would like to upgrade your services with us to receive all patches moving forward, let us know and we’ll be in touch! I’m currently monitoring the status of the mass-deploy and will be working with our tech team to address any updates that may fail so that they can be manually resolved.

On top of all of this patching mumbo jumbo, we utilize other ways of proactively protecting you from WannaCry traffic. For example, if your environment is utilizing our recommended SonicWALL comprehensive security suite, you’re protected by the power of gateway level malware protection which is updated constantly on a daily basis and has been updated recently to capture the transmission of WannaCry data in-transit before it reaches your machines. Also, those of you who subscribe to our CATS Guardian Managed Antivirus (powered by Webroot SecureAnywhere) on your servers and workstations became protected very quickly following WannaCry’s discovery. Webroot updated their security definitions to include traffic and files associated with the WannaCry infection as soon as they were able to. And because your AV was set by us to check in with Webroot for the latest updates every 30 minutes, your local installation of our CATS Guardian Managed Antivirus quickly gave you yet another layer of protection.

If you aren’t subscribed to our CATS Ultimate Care services or would like to add on comprehensive gateway security and/or our CATS Guardian Managed Antivirus, now is a great time to reach out to our sales department for further information. If you’re unsure whether you currently subscribe or are protected by these services, let us know and we’ll be happy to perform a review with you.

I would be doing you a disservice if I made the claim that there is a 100% guarantee that no infection will ever hit your system. The unfortunate reality is that the criminals that continue to write ransomware infections do everything they can to try to stay one step ahead of those trying to stop them. The guarantee I can definitely give you though is that CATS Technology is here for you and remains stationed in the trenches 24/7/365 protecting you by any means necessary. We take these types of situations very seriously. In the unlikely event that an infection does make its way through, we’ll get you back up and running in minimal time.

I would like to personally thank each and every one of you for taking the time to read about how CATS Technology works around the clock to protect you and your company’s assets. If you have any questions or concerns at all, feel free to reach out to us at any time.

If this is your first time hearing about CATS Technology and would like more information about how we can help protect you from all of the scary stuff out there like WannaCry, we’re here for you as well! Contact our sales department at Sales@CATSTechnology.com or (732) 204-7100 option 3.

My wife and daughter heard no mention of WannaCry from me on that fateful Mother’s Day thanks to the power of CATS Guardian. Let us bring that type of worry-free living to you and your business so that you too can enjoy your holidays!

More Compatibility Issues with Windows XP Machines

Windows Updates causing server compatibility issues with Windows XP machines

Windows Updates causing server compatibility issues with Windows XP machinesAs previously reported, Microsoft support for the Windows XP operating system has ended. Over the last few months, CATS Technology has encountered compatibility issues between Windows XP machines and various Windows servers as new server-side updates are released and applied.

UPDATE YOUR SYSTEM NOW

On April 8, 2014 Microsoft ended security updates and technical support for the Windows XP operating system. In order to maintain a safe and secure network, it is imperative that customers and partners migrate to a modern operating system such as Windows 7 or 8. Customers moving to a modern operating system will benefit from dramatically enhanced security, broad device choice for a mobile workforce, higher user productivity, and a lower total cost of ownership through improved management capabilities.

WINDOWS XP MACHINES ARE NO LONGER SAFE!

Windows XP machines are no longer considered protected. If some of your systems are still running Windows XP, contact CATS Technology to get your systems up to date. Keeping your systems updated is critical for the security of your data and for the life of the machine.

CONTACT CATS TECHNOLOGY SOLUTIONS GROUP

For any questions, please email CATS Technology at Support@CATSTechnology.com or call us at 732-204-7100.

Why Windows XP is now a bigger threat than Heartbleed ever was

xp-securityMost people are aware by this point of the internet-wide security vulnerability known as ‘Heartbleed’, which effected many web applications which used OpenSSL technology. While there was great potential for serious breaches in security with Heartbleed, the actual damage was minimal. The reason that Heartbleed was so potentially serious, was because it provided a backdoor through which a malicious individual could easily intercept digital data that is supposed to be kept secure such as confidential records, passwords, and credit card and payment information. Luckily this was all fixed before there was any serious exploitation, and with a few strategic password changes, we’re back to life as usual.

So why are we not hearing the same hoopla about Windows XP?

In early April, Microsoft pulled the plug on the Windows XP operating system, which means that it will no longer be offering updates, security patches, etc. Don’t be fooled by the fact that your computer still powers up and runs, any machine still running XP presents a massive security risk. As malicious individuals in the hacker community know that the source code for Windows XP is now final, never to be changed, it gives them a still target, so to speak, on which they can hone their hacking skills and exploit vulnerabilities in the current, and final version of the software, knowing that none of the vulnerabilities will later be secured, as with an actively supported platform.

Why Windows XP is now a bigger threat than Heartbleed ever was.

Heartbleed was the discovery of a single vulnerability, on an otherwise strong, stable platform. When the vulnerability was discovered a patch was released immediately, mitigating most of the threat, and declaring null and void the work of those malicious individuals who spent all of that time searching for it. Post-patch OpenSSL technology is as reliable as ever, and the risk associated with use today remains low. Windows XP on the other hand, is a platform that going forward is perpetually at risk. There is no more proactive mitigation of threat taking place, and each day that passes with such a machine still in use, represents a greater risk than the day before.

Keep Your Data Safe – Talk to an IT Professional Today

In order to keep your data, and IT infrastructure safe, as well as save your business from the potential economic and non-economic costs involved with having a compromised network, talk to an IT professional today about upgrading your systems to newer, safer, more secure versions of Windows.

Don’t Go it Alone — We Speak Microsoft!

microsoft server consultants new jersey

Microsoft server consultants New Jersey

Need a Microsoft Server Consultant?

CATS Technology provides a broad range of Microsoft technology consulting services to help our clients drive excellence and business value in applications driven by Microsoft technology. By virtue of our close partnership with Microsoft and frequent collaboration in product development, CATS Technology is able to deliver world class solutions which blend CATS Technology solutions and Microsoft technology. Because we are so involved in Microsoft products they are our specialty, offering different products like: Microsoft SharePoint, Microsoft SQL Server 2008, and other Microsoft solutions.

How can Microsoft Server Consultants help?

Once the project has been initially scoped, we will partner with you to complete a formal and detailed assessment that outlines your specific requirements. Once the assessment phase is complete, we will provide you with a step-by-step project plan complete with design options, deployment scenarios and cost benefits to help you decide on the right strategy and support to meet your goals and budget.

We pride ourselves on providing you with the right level of support, whether we manage your project from start to finish or simply act as a second set of eyes for your IT organization, to be sure that your plan covers all of the critical steps and challenges to ensure a successful implementation.

Are you looking to spend more time on your business and less time and money on technology?

If your answer to this question is yes, then Server 2008 is for you. It provides the software you need to maximize efficiency, help secure your network and data, maximize employee productivity, and connect you with your customers. Click on link above to direct you to our website to learn more about this type of Server.

Are you looking to access applications and data over your network via a remote computer?

If this is something you are looking for then you are looking into a Remote Desktop Service. The Remote Desktop Services platform gives you the flexibility to centrally deploy applications to users, regardless of their locations. The remote desktop service, server products and other products that we have license to serve as your Microsoft solutions partner can help breathe new life into legacy desktops and it helps enable branch-office access to feature-rich applications using lower bandwidth. It enhances productivity; enables efficient, cost-effective application management; and improves application and data security.