Google+
Select Page

WannaCry Did Not Make Me Want to Cry

CATS WannaCry

THE INTERNET IS DYING! ALL DATA IS BEING DESTROYED! HERE COMES THE NETWORK APOCALYPSE!

If you’ve been paying attention to the news over the last week, the above thoughts may have either crossed your mind or have been implied by the media. This is due to the recent reported events regarding the dangerous spreading of a new strain of ransomware titled WannaCrypt which has been given the common nickname of WannaCry. In my line of work, it is situations like these that bring on some of the most stress inducing days. But here at CATS and within my role specifically, it’s my job to take on that stress on behalf of you, our clients, so that each of you can continue with the important task of running your business. You shouldn’t need to worry about things like WannaCry and I’m here to tell you that you do not need to. I’m sure that the last thing you want to see is yet another boring press release or bulletin from some faceless representative at an unreachable entity about this topic so I’m here to simply give you the facts that you should need and want sprinkled in with some good ol’ human charm.

My name is Eric Tate and I am the Director of Technology here at CATS Technology. Allow me to take you on a journey for a moment.

To our existing clients, I hope that this post shows you how much we at CATS care about each and every one of you. You’re the shine on our apple and we look forward to providing you with the highest quality of IT support available for a long time to come. If you’re not an existing customer, feel free to reach out to our sales department at Sales@CATSTechnology.com or (732) 204-7100 option 3 to learn about the many ways that CATS can take the stress out of your IT operations.

Let’s start our WannaCry journey by hitting the rewind button and going back to last Sunday. This wasn’t just any Sunday. Mother’s Day was upon us! As the father of the most amazing nearly-two-year old girl I have ever had the honor of knowing and having the privilege of getting to raise her side-by-side with my lovely wife, this was a day filled with plans and surprises. As news about WannaCry began spreading through the media over the course of the weekend, my cell phone’s battery was getting a great workout as the calls, texts, and emails began flowing in from colleagues, friends, and family all getting worried about how this may affect them. Considering my day was already filled with the stress of giving my family a wonderful day, the last thing that I wanted was additional stress put on top. But thanks to the confidence I have in our team at CATS Technology and the power of our CATS Guardian system, I was able to continue through the day free of any stress caused by WannaCry!

Here’s the reality: Your systems are going to be fine!

Let’s quickly get through the technical background of WannaCry with the help of everyone’s friend, Wikipedia. The ransomware attack began one week ago today on May 12th, 2017 and spread to over 230,000 computers in over 150 countries. The bulk of the infections occurred in foreign countries. WannaCry utilizes an exploit titled EternalBlue which was developed by the NSA which had been released by a hacker group known as The Shadow Brokers. The vulnerability makes use of an exploit in the SMB protocol found in Microsoft Windows based systems. Back on March 14th, 2017, Microsoft released a critical patch for Windows systems that were still under active support which closed the exploit used and rendered WannaCry useless. The patches released were included in Microsoft’s cumulative security update that was released in March. Then, in an unprecedented action, Microsoft also released a patch for the vulnerability this week that closes it on no-longer-supported versions of the Windows operating system such as Windows XP and Server 2003. All of the mentioned updates continue to be covered via Microsoft’s monthly cumulative security updates.

So if Microsoft already patched the vulnerability, why is everyone making such a big deal about this? Well, one could say it’s because it draws income to those media outlets. But in addition, we unfortunately live in a world where many people and companies do not keep their computer systems patched up to date with the latest security patches. In addition, Microsoft Windows piracy is unfortunately quite common. Those pirated copies cannot always check-in with Microsoft to receive those patches. These two situations then result in countless amount of computer systems still remaining vulnerable to this day and the spreading of WannaCry that comes along with it.

If you’re a CATS Ultimate Care subscriber though, you don’t need to worry! We proactively keep your systems patched up to date and make sure that your systems are safe. We utilize multiple layers of security to protect you. So let’s peel back the curtain a little bit and take a look at our internal numbers and methods of keeping you secure.

At CATS Technology, all servers and workstations that we manage and protect are loaded into our internal management system that we call CATS Guardian. You’ve probably noticed the little blue T icon in your taskbar which represents our CATS Guardian system’s connection. Throughout the week, I ran custom reports against all of our managed servers and workstations to pull information pertaining to their Windows patch status. As of this past Wednesday, more than 99% of our managed computers had already received the patches provided in March’s cumulative security update. To be exact, only 13 computers were missing it. Even with that percentage being as tiny as it is, it still wasn’t good enough for me. I reviewed the thirteen machines in question so that I can have an understanding as to why they may not have been received the patches and found understandable reasons.

* Two are servers currently in development for a client project that is on hold and is currently pending the patching phase. The servers are sandboxed in a development lab and are not yet in production.
* One is an old CATS laptop that has not been used in months and is currently collecting dust.
* One is a client laptop that was archived by the client for data retention in the early part of this year and has not been powered on since.
* The other nine machines are miscellaneous client workstations that have not been online to receive the patch in multiple months.

Because every machine counts, we are currently working with the clients in possession of the last remaining unpatched machines so that we can complete the installation on them.

Happily absent from that less than 1% of vulnerable machines are all servers in production for our clients. This is thanks to the wonderful hard work of our CATS team and the CATS Guardian system.

By the way, if you’re already using Microsoft Windows 10, then you have nothing to worry about anyways. The vulnerability never existed within it.

In addition, because we care about each and every one of you, I utilized our CATS Guardian system to proactively mass-deploy the latest May cumulative security update to all of our managed Windows computers that hadn’t received it yet even if your monthly patching date is normally at the end of the month. In addition, my mass-deploy included all managed computers, not just ones covered for monthly patching by our CATS Ultimate Care proactive services. This is because we care about all of you especially in these confusing times. If you’re not currently an Ultimate Care subscriber and would like to upgrade your services with us to receive all patches moving forward, let us know and we’ll be in touch! I’m currently monitoring the status of the mass-deploy and will be working with our tech team to address any updates that may fail so that they can be manually resolved.

On top of all of this patching mumbo jumbo, we utilize other ways of proactively protecting you from WannaCry traffic. For example, if your environment is utilizing our recommended SonicWALL comprehensive security suite, you’re protected by the power of gateway level malware protection which is updated constantly on a daily basis and has been updated recently to capture the transmission of WannaCry data in-transit before it reaches your machines. Also, those of you who subscribe to our CATS Guardian Managed Antivirus (powered by Webroot SecureAnywhere) on your servers and workstations became protected very quickly following WannaCry’s discovery. Webroot updated their security definitions to include traffic and files associated with the WannaCry infection as soon as they were able to. And because your AV was set by us to check in with Webroot for the latest updates every 30 minutes, your local installation of our CATS Guardian Managed Antivirus quickly gave you yet another layer of protection.

If you aren’t subscribed to our CATS Ultimate Care services or would like to add on comprehensive gateway security and/or our CATS Guardian Managed Antivirus, now is a great time to reach out to our sales department for further information. If you’re unsure whether you currently subscribe or are protected by these services, let us know and we’ll be happy to perform a review with you.

I would be doing you a disservice if I made the claim that there is a 100% guarantee that no infection will ever hit your system. The unfortunate reality is that the criminals that continue to write ransomware infections do everything they can to try to stay one step ahead of those trying to stop them. The guarantee I can definitely give you though is that CATS Technology is here for you and remains stationed in the trenches 24/7/365 protecting you by any means necessary. We take these types of situations very seriously. In the unlikely event that an infection does make its way through, we’ll get you back up and running in minimal time.

I would like to personally thank each and every one of you for taking the time to read about how CATS Technology works around the clock to protect you and your company’s assets. If you have any questions or concerns at all, feel free to reach out to us at any time.

If this is your first time hearing about CATS Technology and would like more information about how we can help protect you from all of the scary stuff out there like WannaCry, we’re here for you as well! Contact our sales department at Sales@CATSTechnology.com or (732) 204-7100 option 3.

My wife and daughter heard no mention of WannaCry from me on that fateful Mother’s Day thanks to the power of CATS Guardian. Let us bring that type of worry-free living to you and your business so that you too can enjoy your holidays!

3 Ways Server Virtualization Can Save You Money

server virtualization services new jersey

1.    Add business application or database without increasing the number of physical hardware servers

No matter how good you are at financial planning, it’s tough to anticipate when your company may need to accommodate an influx of new employees or new customer accounts that could put a strain on your technology resources.

We can take an example of a client, an 18-person business, that was already running two servers and that was evaluating a new, dedicated system to run a customer relationship management (CRM) application. The client’s team determined that by investing in slightly more robust multiprocessor hardware, the customer could replace one of its existing servers with a virtualized machine that run both the new application along with the old ones. What’s more, the investment laid the groundwork for its team to work remotely, while still retaining access to the applications they needed to do their jobs.

The server hardware that the client bought in order to make this happen was on the high side of what it would have had to pay for a dedicated server (between $5,000 and $10,000), but it now only needs to be concerned with the ongoing maintenance costs for one piece of hardware that acts like two servers. So, the company still has only two physical servers to manage, but it has extended the productivity of its employees while adding another application.

2.     Enhance your disaster recovery plan.

One very real strategy made possible by virtualization is a disaster recovery plan. Virtualization allows a small business to create ongoing back-up snapshots image of a database or business application that can be replicated in more than one place.

If the main piece of hardware fails, the application can be restored from the fail-over server in a matter of two hours versus 72 hours. Most small businesses are horrified by the thought of their systems being out of commission for more than a day.

The rise of quad-core server hardware has made this process simpler and more affordable. This might cost a small business a little more in terms of RAM or storage, but they can do so much more with that one server and the virtualization software.

3.    Stretch your technology budget.

Virtualization is compelling because it enables short-term and long-term cost reductions in systems maintenance, office real estate and electrical footprint. The additional upfront expense comes in the form of the virtualization software, which is minimal if you use a Microsoft platform; a hardware upgrade or refresh; and some additional implementation services. At a minimum, this will be 20% less than the cost of buying a second server. Companies with as few as two servers can realize an immediate benefit from virtualization.

What Exactly Is Server Virtualization?

Server virtualization company bj

 

Do you have servers that are nearing the end of life?

Do you run custom applications?

Then chances are, you have heard a thing or two about server virtualization.

Server virtualization is the partitioning of a physical server into smaller virtual servers to help maximize your server resources. (1) Through software technology industry is able to get “you more bang for your buck” by reaping more benefits from the same set of IT resources (Servers, SAN, NAS, Etc)

Small to medium size companies have significant investments in IT infrastructure. Properly designed systems need to ensure isolation, business continuity, and scalability. All of these concerns are covered in a well-built systems architecture designed with server virtualization, which can include:

Isolation: Having your servers independent of other each other is critical for any well-built system. Server virtualization achieves this and much more. Perhaps you have an ERP system, or other line of business application that needs to have a Database server, Application Server, and Remote Desktop Server. Under the terms of isolation, these systems will all be “virtual sessions” and never interfere with each other.

Business Continuity: Server virtualization affords a company the ability to have invariable degrees of business continuity. Server virtualization, when built correctly, can provide for global levels of business continuity. Geographic diversity is key for verifiable, audit worthy, business continuity plans.

Scalability: A well-built system is modular in design. Utilizing the latest in technologies, a system can be elastic. It can grow as your data grows. A SAN for example will have upwards of 20 slots for disks. You can start up with only a fraction slots and add more disk as needed. Systems can be added to the “cluster” and more and more processing power can be harnessed. Server virtualization makes this all possible.

Cost savings can be made with respect to adopting virtualization technology as: energy consumption, adding servers without purchasing hardware, and reduced cooling costs.

Additionally, lowered operational costs and IT employees are needed to run a well-engineered environment.  Systems maintenance is easier with various management tools available through virtualization software providers.

The conclusion is drawn with an eye towards cost-savings, increased performance, and modularity. Server virtualization makes absolute sense for the small to mid-size company.

(1) http://www.webopedia.com/TERM/S/server_virtualization.html