Weekly vCISO Security Notes

Small Business vCISO Security Notes – Week 41

From the Cloudz Biz security and productivity desk, the vCISO Security Notes for week 41 of 2020 focus on Mobile Ransomware, Apple Vulnerabilities and Microsoft Azure Vulnerabilities. We are currently in Cybersecurity Awareness Month.

The purpose of this blog and its weekly updates is to provide small business owners with a high-level update on cybersecurity issues and productivity opportunities in the marketplace today. We hope this brings more awareness to the risks and threats that could potentially affect your business. By being more aware, your company will increase security, enhance productivity and boost the bottom line.

vCISO Security Notes:

This week for the vCISO security notes, we review Mobile Ransomware, Apple vulnerabilities and Azure vulnerabilities.

#1 – Mobile Ransomware

Do we really need to worry about mobile ransomware? We are all aware of servers, laptops and desktops getting hit with ransomware. We are also very familiar with malware existing on the mobile platform. Now, we need to consider ransomware as a threat on the mobile platform.

The Risk:

The mobile ransomware, detected by Microsoft Defender for Endpoint as AndroidOS/MalLocker.B, is the latest variant of a ransomware family that’s been in the wild for a while but is still evolving non-stop. The malware spreads through arbitrary websites and circulates on online forums using various social engineering lures, including masquerading as popular apps, cracked games, or video players. It manages to evade many available protections, registering a low detection rate against security solutions.

This threat blocks access to devices by displaying a screen that appears over every other window, such that the user can’t do anything else. The screen contains a ransom note.

The Remediation/Recommendation:

Microsoft Defender for Endpoint on Android, now generally available, extends Microsoft’s industry-leading endpoint protection to Android. If you’d like to read more about the technical details, read Microsoft’s article here.

For small business owners, we recommend Microsoft 365 Business Premium because you then get Microsoft 365 Defender integrated in the platform to protect your business, as well as a Mobile Device Management (MDM) solution for your business. If you’d like to learn more about 7 special advantages of Microsoft 365 Business Premium, read the article here.

#2 – Apple Vulnerabilities

A group of white hat hackers signed up for an Apple Bug Bounty program and discovered a total of 55 vulnerabilities, which included 11 critical and 29 high severity. Most of them were remediated within 2 business days, per the blog post.

Two main takeaways for small business owners:

  • All businesses (even Apple) contain vulnerabilities in their environment.
  • Per the article, Apple has so far paid out over $288K to the white hat hackers. This won’t be all, because maintaining a secure environment is a continual process.

The Risk:

Overall, an attacker could have:

  • Read various iOS source code files
  • Accessed anything else available within Apple’s internal network
  • Compromised a victim’s session via a cross-site scripting vulnerability

The Remediation/Recommendation:

I applaud Apple for looking for outside help to discover vulnerabilities within their environment.  No company or organization is exempt from being hacked.  With technology changing from month to month, every company needs to sign up for a plan on how to find and remediate vulnerabilities.

#3 – Azure Sphere Vulnerabilities

Microsoft put together an Azure Sphere security research challenge. Azure Sphere includes hardware, OS and cloud components to create a comprehensive IoT security solution. This is a big deal for small businesses that gather data remotely through IoT devices and automate their business.

In May of 2020 (this year), Microsoft created an Azure Sphere Security Research Challenge. Of course the goal, like Apple’s, is, as Microsoft puts it, to fight the security battle so their customers don’t have to.

The Risk:

Forty (40) reports were received during this research challenge with 20 Critical/Important reports.  One of these teams exposed a weakness in the cloud and multiple weaknesses on the device including a previously unknown Linux kernel vulnerability.

The Remediation/Recommendation:

Three recent Azure Sphere releases, 20.07, 20.08 and 20.09, contained high-impact and major security improvements based on the reports submitted by the research community. Microsoft will continue to partner with security professionals to keep their environment secure with continued improvements.

Cloudz Biz Final Notes

Now that we’ve shared the vCISO security notes, here are a few more general thoughts. Technology creates advantages through productivity and business workflow enhancements. That same technology also opens the door for attackers to penetrate your small business. So we ask the question: how do you stop attackers when they try to attack small businesses?

  • Don’t use technology?  That seems a bit extreme and won’t enhance productivity.
  • Minimize the amount of technology solutions in your environment.  This reduces the attack surface.
  • Find a service provider who can help secure your small business.

If you want to add anything to these vCISO Security Notes, please leave a comment below. We look forward to hearing from you.