News and Articles | Breathe Technology

Cambridge: 01223 209920
London:       02035 190124
France:        +33970734570

lucy@breathetechnology.com

News and Articles

2018 SonicWall Cyber Threat Report

Organizations large and small are caught in the middle of a global cyber arms race with vastly different resources.

For this reason, SonicWall is committed to passing their findings, intelligence, analysis and research to you via the 2018 SonicWall Cyber Threat Report. Download the full report to gain:

  • Key advances for the security industry and cybercriminals
  • Exclusive data on the 2017 threat landscape
  • Security predictions for 2018
  • Cyber security guidelines and best practices

DOWNLOAD FULL REPORT HERE

Peterborough Biscuit Business Event

7 February 2018, 09:00 – 17:00

 

Are you a school or business in East Anglia looking for IT support? Breathe Technology are the complete IT Services provider in the region, with unrivalled expertise in outsourced IT support/managed services, systems integration, network security or IT projects. We will be exhibiting at the Peterborough Biscuit Business Event on on 7th February. Why not come and find out how we can help. We would love to meet you!
See where else we will be exhibiting this year at

 

An urgent message from Breathe Technology to all small/medium business owners.

Breathe Technology is leading IT Managed Services Provider and Security Specialist. Over the last year, our security team has been busier than ever due to the high number of malware infections including Ransomware. One business owner recently asked, why are we at risk? What would they do with my DATA?

The answer is simply that they do not want your data. They want to cripple your business and then ask for a ransom. Or they want to add your network to their global spam network and use your systems to achieve their criminal aims. They are using ever-more sophisticated methods of phishing and fake invoicing to take money from your business or your employees/customers.

Large enterprises are spending vast sums on security staff and equipment, making it much harder to compromise these organisations. So, the criminals must instead target small to medium sized businesses, who are less likely to be properly protected.

In order to ensure that you have the correct levels of protection, please ask yourself the following questions:

1)Is your firewall less than 3 years old with the latest updates from the manufacturer?

2)Does your firewall have a Gateway Security Subscription that includes Anti-Virus and Intrusion detection?

3)Does the Security Service on the Firewall include a Sandboxing Feature to capture new and unidentified versions of Malware? On SonicWall this is called Capture and provides what we call Zero Day Protection. The Modern Malware approach is to hide the Malware behind seemingly harmless applications, such as the recent outbreak disguised as an Adobe update.

4)Can your Firewall scan HTTPS encrypted websites? Another new method is to hide malware behind HTTPS sites, as conventional Web Filters would simply ignore these pages as they were encrypted…

5)Was the Firewall installed by a trained professional, either in house or a Security Reseller? Firewalls are very complex and you can only guarantee your install and your safety if the installer was trained by the specific manufacturer…

If the answer to any of these is ‘no’, then you are at risk and need to speak to us.

Thanks to the support from SonicWall, Breathe are now able to offer the exclusive pricing to our customers only, until 20th December. Installations, however, can be scheduled for 2018. This will guarantee you the latest comprehensive network security at heavily reduced prices.

Breathe are supporting this campaign, by providing significantly reduced rates on installation and support.

Our offer prices are shown at the bottom of this email. Please contact one of our sales team on 01223 209920 if you would like to take up one of these offers.

Alternatively, we are also offering discount on a Security Audit of your Network. During the Audit we will review all network security elements from your Email, Web and Application Filtering, Anti-Virus on the Server and Desktops, Windows Updates, Remote Access and your Firewall Configuration. The result will be an easy to understand report, highlighting suggestions and risks. This option is very popular with new customers, as it will provide you with insight, peace of mind and creates a plan to work to.

The pricing provided is a one-off to Breathe for this Campaign, and is not something that is likely to be repeated. Call one our Sales team today if you think your business is at risk.


END OF YEAR PROMOTION ~ EXAMPLE OFFER PRICES.

All prices include Advanced Gateway Security Suite for 3 years

(These are our most popular models; other models available at the discounted rates, please contact us for more information).

SonicWall Model SuitableFor RRP Our price until 20th Dec
TZ 300  

Single site < 20 users

 

£1,707.03 £979.20
TZ 400 Single Site <30 users £2187.66 £1,189.20
NSA 2650 Site-to-site and client VPN <75 users £6,283.47 £3,499.20
NSA 3600 Distributed networks <150 users £8,388 £4,891.20
NSA 4600 Demanding, High Speed Office networks £11,746 £6,747.60
NSA 5600 Core of demanding networks/Head Offices £23,082 13,262.40

 

  • Call 01223 209920 to speak to one of our team about your requirements.
  •  Or email lucy@breathetechnology.com to book a meeting.

Are their Kracks in your Wireless Network

As a SonicWall Gold Partner, we delighted to share the following update from SonicWall:

Network Security

Are there KRACKs in Your Wireless Network Security?

By John Gordineer

Information and recommendations on protecting your wireless deployment

On October 16, 2017, Belgian security researchers made public their findings that demonstrated fundamental design flaws in WPA2 that could lead to man-in-the-middle (MITM) attacks on wireless networks.

Named KRACKs, or key reinstallation attacks, this technique can theoretically be used by attackers to steal sensitive information from unsuspecting wireless users leveraging these flaws in the WiFi standard. Based on their research, CERT issued a series of CVEs to address this flaw, and most vendors affected have issued patches as of this writing.

More details on these vulnerabilities are available on the researchers’ website at www.krackattacks.com.

Are SonicWall wireless solutions vulnerable?

SonicWall Capture Labs has evaluated these vulnerabilities and determined that our SonicPoint and SonicWave wireless access points, as well as our TZ and SOHO Wireless firewalls, are not vulnerable. No updates are needed for SonicWall wireless access points or firewalls with integrated wireless.

What can I do to protect my wireless network?

Whether or not you are a SonicWall wireless network security user, we do recommend that you take immediate action to minimize the risk presented by these vulnerabilities.  We advise the following:

  • Patch all of your WiFi clients, whether Windows, Linux, Android, iOS or Mac OS based, with the latest KRACK updates from your client vendors. The attack is launched by compromising the wireless device, not the wireless router, so that is the most important area to focus on when you go about patching.
  • If you are not a SonicWall wireless customer, check with your vendor to determine if you need to patch your wireless access points and/or routers. Ideally, your WiFi solution would be centrally managed allowing you to provide updates and patches in a timely fashion without crippling IT resources. Again, if you are a SonicWall wireless customer no updates to the access points are needed.
  • Add an additional layer of security by using VPN technology to encrypt all network traffic between your wireless devices and your firewall. For SonicWall customers, we recommend the following:
    • For SSL encryption on mobile devices, use the SonicWall Mobile Connect client, which is available on the Apple App Store, Google Play, Windows Phone Store or Chrome Web Store.
    • For IPsec encryption, use the SonicWall Global VPN Client.
  • Advise your users to transmit sensitive data only on TLS/SSL-encrypted web pages. Look for the green lock symbol in the address bar along with https in the URL.
  • The new SonicWall SonicWave series includes a dedicated third radio for scanning.  For SonicWave wireless users, we recommend that you turn on the wireless intrusion detection feature that allows you to block traffic from rogue access points (specifically in this case an evil twin).  This will ensure that the third radio is continually scanning for these types of attacks in real-time.
  • Be on the lookout for unusual activity inside or outside your facility. In order to launch an attack using these vulnerabilities, an attacker must be physically located within Wi-Fi range of both the access point and the wireless client that is attempting to connect to the network. That means the attacker must be in or near your building, which makes it a bit more difficult to leverage than other Internet-only attacks.
  • One other note: there is no need to change Wi-Fi passwords as the KRACKs do not require the Wi-Fi password to be successful.

SonicWall believes that IT must be able to provide secure, high-speed access for the organization across both the wired and the wireless network, especially as Wi-Fi becomes more of a necessity and less of a luxury. However, cyber criminals are racing to leverage wireless to initiate advanced attacks.

SonicWall can help you extend breach prevention to your wireless network. SonicWall’s wireless network security solution provides deep packet inspection for both unencrypted and TLS/SSL-encrypted traffic along with a cloud-based, multi-engine Capture sandbox and a complete lineup of centrally managed SonicWave 802.11ac Wave 2 wireless access points.

FacebookTwitterGoogle+LinkedIn

John Gordineer
Director, Product Marketing | SonicWall
John Gordineer is the director of product marketing for SonicWall products.  In this role, he is responsible for technical messaging, positioning, and evangelization of SonicWall network security, email security, and secure remote access solutions to customers, partners, the press and industry analysts.  John has more than 20 years of experience in product marketing, product management, product development and manufacturing engineering at Verilink and SonicWall.  John earned a bachelor’s degree in Industrial Engineering from Montana State University.
Featured KRACK Security WiFi wireless network security

How IT steals your staff’s time and productivity

What happens to your staff when an IT problem stops them from getting on with their work?

In our new guide, we look at the most common IT problems that waste your staff’s time, and how to prevent most problems from happening in the first place.

Click here to view and download

Wannacry, Petya ~ What’s the next threat?

We wanted to share the latest Blog post by our partner SonicWall, in relation to recent ransomware attacks:

Locky, Then WannaCry, Now Petya. Is This The New Normal in Cyber Security?

News reports continue to roll in about yet the latest massive global ransomware attack. This time, the payload appears to be a ransomware called Petya. SonicWall Capture Labs identified the original Petya variants in 2016. However, this time it appears to be delivered by Eternal Blue, one of the exploits that was leaked from the NSA back in April. This is the same exploit that was used in the WannaCry attack.

Infected systems will initially display a flashing skull, followed by a lock screen:

Once again, the cyber arms race continues to evolve. If I were to boil this down to its essence, what we are now seeing is that cyber criminals are combining exploits and attacks in creative ways that are not necessarily new, but still quite effective. Like mixing cocktails, the ingredients are all well known, but the exact mix can be completely new.

Attack details: SonicWall customers are protected

Today, June 27, SonicWall Capture Labs began tracking a high number of Petya ransomware attacks against SonicWall customers. Petya as a malware payload is not new. In fact, we reported in the 2017 Annual SonicWall Threat Report that it was second only to Locky in the number of infections we noted last year. The good news for SonicWall customers that are using our security services is that we have had signatures for certain variants of Petya since March 2016. Then, in April 2017 Capture Labs analyzed and released protection for the Eternal Blue exploit that Shadow Brokers leaked from the NSA. Also, on June 27, the Capture Labs Threat Research Team issued a new alert with multiple signatures protecting customers from the new Petya Ransomware Family.

Recommendations for SonicWall customers

As a SonicWall customer, ensure that your next-generation firewall has a current active Gateway Security subscription, in order to receive automatic real-time protection from known ransomware attacks such as Petya. Gateway Security includes Gateway Anti-virus (GAV), Intrusion Prevention (IPS), Botnet Filtering, and Application Control. This set of technology:

  • Includes signatures against Petya (part of GAV)
  • Protects against vulnerabilities outlined in Microsoft’s security bulletin MS17-010 (part of IPS)

Since SonicWall Email Security uses the same signatures and definitions as Gateway Security, we can block the emails that deliver the initial route to infection. To block malicious emails, ensure all Email Security services are up to date. Since 65% of all ransomware attacks happen through phishing emails, this also needs to be a major focus when giving security awareness training. Additionally, customers with SonicWall Content Filtering Service should activate it to block communication with malicious URLs and domains, which work similar to the way botnet filtering disrupts C&C communication.

Because more than 50% of malware is encrypted, as a best practice, always deploy SonicWall Deep Packet Inspection of all SSL/TLS (DPI SSL) traffic. This will enable your SonicWall security services to identify and block all known ransomware attacks. Enabling DPI SSL also allows the firewall to examine and send unknown files to the SonicWall Capture Advanced Threat Protection (ATP) service for multi-engine sandbox analysis. We recommend that you deploy Capture ATP in order to discover and stop unknown ransomware variants. Because of the rapid proliferation of malware variants, SonicWall leverages deep learning algorithms to provide automated protection against both known and zero-day threats. The combination of the SonicWall Capture Threat Network and SonicWall Capture ATP sandboxing provides the best defense against newly emerging hybrid attacks such as Petya. As always, we strongly recommend that you also apply the Windows patch provided by Microsoft to protect against the Shadow Brokers leaked exploits as well.  And it is always a good idea to maintain current backups of all critical data to allow recovery in the event of a ransomware event.

 

Click here to read the full report and past blog posts by SonicWall

So what’s the difference between antivirus and anti-malware?

What’s the difference between antivirus and anti-malware?

By Wendy Zamora | September 11, 2015

It’s the $64,000 question. The ultimate question of life, the universe, and everything. (And no, the answer isn’t 42.) Whenever someone begins their search for online security, they ultimately discover there are two major types of protection: antivirus and anti-malware. Which leads them to the inevitable query:

What’s the difference between antivirus and anti-malware?

Virus vs. malware

Before we can answer that, we need to first unveil what, exactly, are viruses and malware. A virus is a piece of code that is capable of copying itself in order to do damage to your computer, including corrupting your system or destroying data. Malware, on the other hand, is an umbrella term that stands for a variety of malicious software, including Trojans, spyware, worms, adware, ransomware, and yes, viruses. So the logic follows: all viruses are malware. Not all malware are viruses. Ya dig?

Unfortunately we can’t stop there because it’s a little more complicated than that. Viruses are considered to be legacy threats. By this we mean: they’ve been around for a while and haven’t changed all that much. They aren’t used very often by today’s cyber criminals, which is why many antivirus companies have evolved to fight more than “just” viruses. This can include infectious malware like worms, web threats like keyloggers, or concealment malware, such as rootkits.

So why do antivirus companies still call themselves antivirus? Since viruses made headlines in the 90s, security companies focused their efforts on fighting them. Thus the term antivirus was born. It all boils down to marketing. Most people are familiar with computer viruses and what they do. Not a lot of people know what malware is.

Compare and contrast

Still, there are key differences between antivirus and anti-malware software that go beyond semantics. What differentiates antivirus and anti-malware companies are the types of malware they specialize in and how they deal with them.

Antivirus usually deals with the older, more established threats, such as Trojans, viruses, and worms. Anti-malware, by contrast, typically focuses on newer stuff, such as polymorphic malware and malware delivered by zero-day exploits. Antivirus protects users from lingering, predictable-yet-still-dangerous malware. Anti-malware protects users from the latest, currently in the wild, and even more dangerous threats. In addition, anti-malware typically updates its rules faster than antivirus, meaning that it’s the best protection against new malware you might encounter while surfing the net. By contrast, antivirus is best at crushing malware you might contract from a traditional source, like a USB or an email attachment.

If antivirus and anti-malware were dances, antivirus would be the waltz and anti-malware would be hip-hop.

So which one should you choose?

No one tool can catch everything, which is why security experts recommend a layered approach. It’s better to have more than one set of eyes looking at threats from different angles. “I’m sure you’ve heard the old saying ‘jack of all trades, master of none,'” says Samuel Lindsey, Malwarebytes user advocate. “That’s how I see all-in-one security suites; they just can’t detect everything on any given day.”

Your best bet is to use an antivirus program to catch the classic threats and an anti-malware program, like Malwarebytes Anti-Malware Premium, for the newer, more advanced dangers. And you needn’t worry about the impact of running two real-time scanners at the same time on your machine’s performance—most anti-malware software is lightweight, easy-to-run, and designed to work alongside antivirus.

So there you have it. Your questions have all been answered. You may now be at peace…

Is your network security at risk?

Security is an issue that affects all organisations, regardless of their size and the days where hackers penetrated companies to steal specific information has evolved to a risk far greater. Even small 5-person companies can become part of a bot network and be used for mass spamming purposes.

Failing to install appropriate antivirus software on individual machines or to protect your network with a firewall can result in networks being used as a base for proxy attacks, sensitive information being stolen and sold in and your entire network crashing because of virus damage.

Read More »

Desktop Virtualization

With organisations constantly tightening their belts and austerity measures becoming more commonplace, it is becoming increasingly difficult for IT personnel to provide high levels of service without compromising on performance, reliability and security. This is particularly true of big companies with large user bases such as schools, colleges and universities.

However, maintaining high standards of service and providing employees with the latest software versions is not as expensive as you might think, as a number of our clients have discovered by investing in our desktop virtualization solution. Unlike other solutions, it offers cost savings from the outset as well as ongoing reduced maintenance and energy bills.

Read More »

Company News September 2012

We’ve had a busy year to date and have started working with a number of new clients. We have been awarded ICT and managed services contracts from local companies, KJ Architects and IDTechEx as well as from St Mary’s Primary School (Suffolk) and Sir Robert Pattinson Academy (Lincolnshire), St Christopher’s Primary School and Prince William School. We look forward to developing long-lasting relationships with all these organisations.

We would also like to introduce Jason Platt, Paul Thomson and Francisco Janes. Jason and Paul have recently joined our technical team and their main responsibilities are to provide onsite support to larger clients as part of their managed service agreement. Collectively they have more than 30 years’ experience in ICT support and we hope you will find their technical experience useful and beneficial.

Read More »

Recent NComputing Deployment in Education

West Row Community Primary School (Cambridgeshire) was previously using desktop computers to provide pupils and teachers with an enhanced learning and teaching experience. However, these computers were approaching their end of life.

A cost-effective desktop refresh was therefore under consideration

Read More »