New Ransomware Campaign Identified
A new inbound Ransomware campaign has been identified that is currently propagating across the Internet. The virus is spreading via an email with the subject line “debt fax from <your domain here>”. If the email is opened, the virus begins encrypting data on the network, rendering it inaccessible. RFA strongly urges all clients to advise employees to refrain from clicking on any suspicious links or opening any emails from unknown sources, specifically email with the above referenced subject line, and delete any such emails immediately.
To mitigate this vulnerability, RFA recommends implementing a manual inbound SMTP block for any email matching the above referenced subject language on anti-spam devices and services. RFA is currently implementing the block for all clients with managed email security.
If you have any questions or require any assistance, please contact the 24/7 RFA Service Desk at 212.867.4600 or via email at email@example.com.
Quicktime for Windows
Quicktime for Windows No Longer Supported by Apple
The department of Homeland Security Computer Emergency Readiness Team (US-CERT) recently announced that Apple will no longer provide security updates for the Microsoft Windows-specific version of QuickTime, leaving the software vulnerable to malicious cyber activity.
Advisories have been issued for two vulnerabilities identified in QuickTime for Windows. If exploited, these vulnerabilities could allow remote attackers to take control of affected systems.
QuickTime for Mac will continue to be supported by Apple and there are no identified vulnerabilities on this platform.
To mitigate these vulnerabilities, RFA highly recommends uninstalling QuickTime on all Windows machines. Windows Media Player can be used to play media files as an alternative. Clients that subscribe to RFA Maintenance (Compass) services will be contacted to schedule an uninstall timeframe. If you would like assistance with uninstalling QuickTime for Windows, please contact the RFA Service Desk at 212.867.4600 or via email at firstname.lastname@example.org.
A security advisory has been released regarding vulnerabilities in Cisco ASA software. Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause a reboot of the affected system or execute remote code.
Cisco has released a software updates for this vulnerability. Clients who subscribe to RFA patch management services and require this update will be contacted by the RFA Network Engineering team to schedule deployment of required patches. Clients that do not subscribe to RFA patch management services can also contact the 24/7 RFA Service Desk to schedule updates.
The National Weather Service is predicting that Hurricane Joaquin might impact the New York, New Jersey and Connecticut areas at the beginning of next week. RFA is closely monitoring the development of the storm. Our BCP team will be standing by to assist all clients in the event of any business disruptions. RFA has resources allocated to support clients in the event of any unforeseen complications, such as floods or power loss, prompted by natural disasters.
RFA Managed services, including managed private cloud platforms, co-location services and BCP platform with managed offices are hosted in RFA’s secure data center facilities. The functionality and performance of our emergency systems and critical infrastructure operations is continuously monitored. The facilities are equipped with auxiliary power generators for redundant electricity and are prepared for any weather-related emergencies.
We recommend that all clients review their Business Continuity Plan and ensure that all employees are aware of emergency escalation procedures.
RFA will continue to provide updates as we receive additional information on where and when the storm will make landfall. The updates will also include information from utility providers, as well as the location of hotspots where businesses are experiencing disruptions.
For any assistance, please contact RFA’s 24/7 Service Desk at 212.867.4600 or via email at email@example.com.
Hedge Fund Standards Board- Cyber Memo
September 20, 2015
Cyber Security Memo
The Hedge Fund Standards Board has released a cyber security memo covering a variety of important topics. Cyber security has become an increasingly prominent focus of the industry. Regulators also are taking a strong interest in understanding and assessing regulated firms’ resilience to cyber attacks. The memo covers the following topics:
Overview of existing high-level cyber risk management tools
Framework to identify a firm’s key digital assets (“crown jewels”)
List of practical “quick win cyber security action items”
Overview of “cyber security projects” to enhance a firm’s resilience
Development of an “Incident Response Plan”
Overview of regulatory requirements, guidance and approaches to cyber security
SEC OCIE Release
September 15, 2015
The SEC Office of Compliance and Inspections (OCIE) has released a new cybersecurity alert to provide more insight into specific areas of focus that Registered Investment Advisors should concentrate on as they will be highlighted in the next round of cybersecurity compliance examinations. The key areas of interest are:
Data Loss Prevention
Clients that have engaged RFA to perform a Cybersecurity Assessment have already been consulted on all of the above mentioned items. For further information on how the alert relates directly to your firm, please contact your RFA Account Manager or call the RFA managers hotline at 212-220-9020.