Breathe Admin | Breathe Technology

Cambridge: 01223 209920
London:       02035 190124
France:        +33970734570

lucy@breathetechnology.com

All news by Breathe Admin

2018 SonicWall Cyber Threat Report

Organizations large and small are caught in the middle of a global cyber arms race with vastly different resources.

For this reason, SonicWall is committed to passing their findings, intelligence, analysis and research to you via the 2018 SonicWall Cyber Threat Report. Download the full report to gain:

  • Key advances for the security industry and cybercriminals
  • Exclusive data on the 2017 threat landscape
  • Security predictions for 2018
  • Cyber security guidelines and best practices

DOWNLOAD FULL REPORT HERE

Peterborough Biscuit Business Event

7 February 2018, 09:00 – 17:00

 

Are you a school or business in East Anglia looking for IT support? Breathe Technology are the complete IT Services provider in the region, with unrivalled expertise in outsourced IT support/managed services, systems integration, network security or IT projects. We will be exhibiting at the Peterborough Biscuit Business Event on on 7th February. Why not come and find out how we can help. We would love to meet you!
See where else we will be exhibiting this year at

 

An urgent message from Breathe Technology to all small/medium business owners.

Breathe Technology is leading IT Managed Services Provider and Security Specialist. Over the last year, our security team has been busier than ever due to the high number of malware infections including Ransomware. One business owner recently asked, why are we at risk? What would they do with my DATA?

The answer is simply that they do not want your data. They want to cripple your business and then ask for a ransom. Or they want to add your network to their global spam network and use your systems to achieve their criminal aims. They are using ever-more sophisticated methods of phishing and fake invoicing to take money from your business or your employees/customers.

Large enterprises are spending vast sums on security staff and equipment, making it much harder to compromise these organisations. So, the criminals must instead target small to medium sized businesses, who are less likely to be properly protected.

In order to ensure that you have the correct levels of protection, please ask yourself the following questions:

1)Is your firewall less than 3 years old with the latest updates from the manufacturer?

2)Does your firewall have a Gateway Security Subscription that includes Anti-Virus and Intrusion detection?

3)Does the Security Service on the Firewall include a Sandboxing Feature to capture new and unidentified versions of Malware? On SonicWall this is called Capture and provides what we call Zero Day Protection. The Modern Malware approach is to hide the Malware behind seemingly harmless applications, such as the recent outbreak disguised as an Adobe update.

4)Can your Firewall scan HTTPS encrypted websites? Another new method is to hide malware behind HTTPS sites, as conventional Web Filters would simply ignore these pages as they were encrypted…

5)Was the Firewall installed by a trained professional, either in house or a Security Reseller? Firewalls are very complex and you can only guarantee your install and your safety if the installer was trained by the specific manufacturer…

If the answer to any of these is ‘no’, then you are at risk and need to speak to us.

Thanks to the support from SonicWall, Breathe are now able to offer the exclusive pricing to our customers only, until 20th December. Installations, however, can be scheduled for 2018. This will guarantee you the latest comprehensive network security at heavily reduced prices.

Breathe are supporting this campaign, by providing significantly reduced rates on installation and support.

Our offer prices are shown at the bottom of this email. Please contact one of our sales team on 01223 209920 if you would like to take up one of these offers.

Alternatively, we are also offering discount on a Security Audit of your Network. During the Audit we will review all network security elements from your Email, Web and Application Filtering, Anti-Virus on the Server and Desktops, Windows Updates, Remote Access and your Firewall Configuration. The result will be an easy to understand report, highlighting suggestions and risks. This option is very popular with new customers, as it will provide you with insight, peace of mind and creates a plan to work to.

The pricing provided is a one-off to Breathe for this Campaign, and is not something that is likely to be repeated. Call one our Sales team today if you think your business is at risk.


END OF YEAR PROMOTION ~ EXAMPLE OFFER PRICES.

All prices include Advanced Gateway Security Suite for 3 years

(These are our most popular models; other models available at the discounted rates, please contact us for more information).

SonicWall Model SuitableFor RRP Our price until 20th Dec
TZ 300  

Single site < 20 users

 

£1,707.03 £979.20
TZ 400 Single Site <30 users £2187.66 £1,189.20
NSA 2650 Site-to-site and client VPN <75 users £6,283.47 £3,499.20
NSA 3600 Distributed networks <150 users £8,388 £4,891.20
NSA 4600 Demanding, High Speed Office networks £11,746 £6,747.60
NSA 5600 Core of demanding networks/Head Offices £23,082 13,262.40

 

  • Call 01223 209920 to speak to one of our team about your requirements.
  •  Or email lucy@breathetechnology.com to book a meeting.

Are their Kracks in your Wireless Network

As a SonicWall Gold Partner, we delighted to share the following update from SonicWall:

Network Security

Are there KRACKs in Your Wireless Network Security?

By John Gordineer

Information and recommendations on protecting your wireless deployment

On October 16, 2017, Belgian security researchers made public their findings that demonstrated fundamental design flaws in WPA2 that could lead to man-in-the-middle (MITM) attacks on wireless networks.

Named KRACKs, or key reinstallation attacks, this technique can theoretically be used by attackers to steal sensitive information from unsuspecting wireless users leveraging these flaws in the WiFi standard. Based on their research, CERT issued a series of CVEs to address this flaw, and most vendors affected have issued patches as of this writing.

More details on these vulnerabilities are available on the researchers’ website at www.krackattacks.com.

Are SonicWall wireless solutions vulnerable?

SonicWall Capture Labs has evaluated these vulnerabilities and determined that our SonicPoint and SonicWave wireless access points, as well as our TZ and SOHO Wireless firewalls, are not vulnerable. No updates are needed for SonicWall wireless access points or firewalls with integrated wireless.

What can I do to protect my wireless network?

Whether or not you are a SonicWall wireless network security user, we do recommend that you take immediate action to minimize the risk presented by these vulnerabilities.  We advise the following:

  • Patch all of your WiFi clients, whether Windows, Linux, Android, iOS or Mac OS based, with the latest KRACK updates from your client vendors. The attack is launched by compromising the wireless device, not the wireless router, so that is the most important area to focus on when you go about patching.
  • If you are not a SonicWall wireless customer, check with your vendor to determine if you need to patch your wireless access points and/or routers. Ideally, your WiFi solution would be centrally managed allowing you to provide updates and patches in a timely fashion without crippling IT resources. Again, if you are a SonicWall wireless customer no updates to the access points are needed.
  • Add an additional layer of security by using VPN technology to encrypt all network traffic between your wireless devices and your firewall. For SonicWall customers, we recommend the following:
    • For SSL encryption on mobile devices, use the SonicWall Mobile Connect client, which is available on the Apple App Store, Google Play, Windows Phone Store or Chrome Web Store.
    • For IPsec encryption, use the SonicWall Global VPN Client.
  • Advise your users to transmit sensitive data only on TLS/SSL-encrypted web pages. Look for the green lock symbol in the address bar along with https in the URL.
  • The new SonicWall SonicWave series includes a dedicated third radio for scanning.  For SonicWave wireless users, we recommend that you turn on the wireless intrusion detection feature that allows you to block traffic from rogue access points (specifically in this case an evil twin).  This will ensure that the third radio is continually scanning for these types of attacks in real-time.
  • Be on the lookout for unusual activity inside or outside your facility. In order to launch an attack using these vulnerabilities, an attacker must be physically located within Wi-Fi range of both the access point and the wireless client that is attempting to connect to the network. That means the attacker must be in or near your building, which makes it a bit more difficult to leverage than other Internet-only attacks.
  • One other note: there is no need to change Wi-Fi passwords as the KRACKs do not require the Wi-Fi password to be successful.

SonicWall believes that IT must be able to provide secure, high-speed access for the organization across both the wired and the wireless network, especially as Wi-Fi becomes more of a necessity and less of a luxury. However, cyber criminals are racing to leverage wireless to initiate advanced attacks.

SonicWall can help you extend breach prevention to your wireless network. SonicWall’s wireless network security solution provides deep packet inspection for both unencrypted and TLS/SSL-encrypted traffic along with a cloud-based, multi-engine Capture sandbox and a complete lineup of centrally managed SonicWave 802.11ac Wave 2 wireless access points.

FacebookTwitterGoogle+LinkedIn

John Gordineer
Director, Product Marketing | SonicWall
John Gordineer is the director of product marketing for SonicWall products.  In this role, he is responsible for technical messaging, positioning, and evangelization of SonicWall network security, email security, and secure remote access solutions to customers, partners, the press and industry analysts.  John has more than 20 years of experience in product marketing, product management, product development and manufacturing engineering at Verilink and SonicWall.  John earned a bachelor’s degree in Industrial Engineering from Montana State University.
Featured KRACK Security WiFi wireless network security

How IT steals your staff’s time and productivity

What happens to your staff when an IT problem stops them from getting on with their work?

In our new guide, we look at the most common IT problems that waste your staff’s time, and how to prevent most problems from happening in the first place.

Click here to view and download

Wannacry, Petya ~ What’s the next threat?

We wanted to share the latest Blog post by our partner SonicWall, in relation to recent ransomware attacks:

Locky, Then WannaCry, Now Petya. Is This The New Normal in Cyber Security?

News reports continue to roll in about yet the latest massive global ransomware attack. This time, the payload appears to be a ransomware called Petya. SonicWall Capture Labs identified the original Petya variants in 2016. However, this time it appears to be delivered by Eternal Blue, one of the exploits that was leaked from the NSA back in April. This is the same exploit that was used in the WannaCry attack.

Infected systems will initially display a flashing skull, followed by a lock screen:

Once again, the cyber arms race continues to evolve. If I were to boil this down to its essence, what we are now seeing is that cyber criminals are combining exploits and attacks in creative ways that are not necessarily new, but still quite effective. Like mixing cocktails, the ingredients are all well known, but the exact mix can be completely new.

Attack details: SonicWall customers are protected

Today, June 27, SonicWall Capture Labs began tracking a high number of Petya ransomware attacks against SonicWall customers. Petya as a malware payload is not new. In fact, we reported in the 2017 Annual SonicWall Threat Report that it was second only to Locky in the number of infections we noted last year. The good news for SonicWall customers that are using our security services is that we have had signatures for certain variants of Petya since March 2016. Then, in April 2017 Capture Labs analyzed and released protection for the Eternal Blue exploit that Shadow Brokers leaked from the NSA. Also, on June 27, the Capture Labs Threat Research Team issued a new alert with multiple signatures protecting customers from the new Petya Ransomware Family.

Recommendations for SonicWall customers

As a SonicWall customer, ensure that your next-generation firewall has a current active Gateway Security subscription, in order to receive automatic real-time protection from known ransomware attacks such as Petya. Gateway Security includes Gateway Anti-virus (GAV), Intrusion Prevention (IPS), Botnet Filtering, and Application Control. This set of technology:

  • Includes signatures against Petya (part of GAV)
  • Protects against vulnerabilities outlined in Microsoft’s security bulletin MS17-010 (part of IPS)

Since SonicWall Email Security uses the same signatures and definitions as Gateway Security, we can block the emails that deliver the initial route to infection. To block malicious emails, ensure all Email Security services are up to date. Since 65% of all ransomware attacks happen through phishing emails, this also needs to be a major focus when giving security awareness training. Additionally, customers with SonicWall Content Filtering Service should activate it to block communication with malicious URLs and domains, which work similar to the way botnet filtering disrupts C&C communication.

Because more than 50% of malware is encrypted, as a best practice, always deploy SonicWall Deep Packet Inspection of all SSL/TLS (DPI SSL) traffic. This will enable your SonicWall security services to identify and block all known ransomware attacks. Enabling DPI SSL also allows the firewall to examine and send unknown files to the SonicWall Capture Advanced Threat Protection (ATP) service for multi-engine sandbox analysis. We recommend that you deploy Capture ATP in order to discover and stop unknown ransomware variants. Because of the rapid proliferation of malware variants, SonicWall leverages deep learning algorithms to provide automated protection against both known and zero-day threats. The combination of the SonicWall Capture Threat Network and SonicWall Capture ATP sandboxing provides the best defense against newly emerging hybrid attacks such as Petya. As always, we strongly recommend that you also apply the Windows patch provided by Microsoft to protect against the Shadow Brokers leaked exploits as well.  And it is always a good idea to maintain current backups of all critical data to allow recovery in the event of a ransomware event.

 

Click here to read the full report and past blog posts by SonicWall

Call Now Button