Mike Mimoso and Chris Brook recap the news of the week, including a Microsoft SMB zero day, the latest Netgear router vulnerability, and a new HTTPS milestone.
Our AVG Business products won top honors in ChannelPro’s 2016 Readers’ Choice Awards, securing Gold and Silver wins in the Antivirus, Security Software Suite and Remote Monitoring and Management categories.
This is also the third consecutive year we have been a ChannelPro medalist in the security software suite category.
The ChannelPro Readers’ Choice Awards are entirely driven by votes and direct feedback from SMB channel readers of ChannelPro magazine. More than 500 channel VARs, MSPs, integrators, system builders, and IT consultants cast their votes for Gold, Silver, and Bronze winners across a range of categories.
Readers were asked to cast their votes for the vendors with the most SMB- and partner-friendly products, technologies, services, and programs, as well as the top professional organizations in the channel today. IT professionals were also asked to select the option that best satisfies the unique business requirements, work styles, and budgets of their small and midsize business clients, as well as those that best serve their own partner organizations.
This is a special win that our AVG partners can share with their clients. It also provides another strong testament to the quality, performance and simplicity of our AVG Business product portfolio, as well as the strong channel partner program we are building.
Comments from Cecilia Galvin, executive editor of ChannelPro-SMB, capture the value of this recognition, “We are gratified that such a large number of readers participated in our survey, underscoring their commitment to, and understanding of, the SMB market and the vendors, distributors, and professional associations with whom they partner. The results are a true snapshot of the top IT product and service providers in today’s SMB channel.”
Here are the awards you can mention and share:
Please share these wins with your teams and clients. Your AVG Account Manager can provide awards logos to share and promote. Thank you for your continued support!
Jigsaw is a fast-growing ransomware threat on the web, posing new danger for businesses. It is also the first ransomware to actually delete files hourly until the ransom is paid.
In April and May, our AVG Virus Lab team detected and blocked nearly 3,000 instances of Jigsaw across 25 countries. This recent detection report showed the malware being most active in the United States, Germany and South Africa.
It is still critical that you understand how Jigsaw works, how to identify it and best steps for protection.
How does Jigsaw work?
- You typically have 72 hours to pay the ransom, usually in Bitcoin.
- Every hour after that, Jigsaw deletes files to pressure victims into paying.
- The rate at which files are deleted is exponential, from a single file to a thousand files at a time.
How does Jigsaw spread?
- Email – malicious or spammed emails are common entry points.
- Be on alert for malicious links and attachments with malicious code inside disguised as a pdf, Word, Excel or .Zip file. Don’t open email with suspicious or vague email subject lines.
- Websites – visiting web pages can be an entry point.
- Simply visiting an infected web site, you could be at risk.
- Many websites are legitimate and you have no way of knowing if they have been infected.
- Don’t click on popups or banner ads, if the product/service is of interest, then visit the site directly
- The only defense is ensuring all software is updated, and using advanced antivirus software protection (Our AVG Business products provide this defense.)
How can a business stay protected?
- Backup files to an external drive (local drives can become encrypted)
- Even better, disconnect the external drive after the backup and do a cloud backup.
- Educate employees
- Employees should know what to watch for and what to avoid.
- Implement policies to prepare for and manage ransomware
- Antivirus software must always be on and up to date (AVG Business products detect and protect against ransomware and other malware. Be sure you have the latest AVG software running!)
- Update all software to the latest versions, from within the product or directly from the vendor web site
- Put processes in place and train users on what to do if an ‘event’ occurs (Examples: Notify IT or MSP, shut down, pull network cable).
- Use multi-level AV protection
- At AVG, we use a multi-layered security approach with multiple layers of inspection and testing to identify and eliminate a wide variety of malware.
- AVG’s 2016 security engine leverages sophisticated technologies – including artificial intelligence, advanced algorithms and cloud-based outbreak detection to detect and protect in real-time. AVG Business products are powered by these technologies with features that also include an advanced scanning engine, LinkScanner for safe web surfing, online shield, identity protection and more.
- We regularly submit our security software to independent test labs and have receive high industry-leading results across protection, performance and usability categories.
Don’t let your business or client’s business be held for ransom. AVG partners and distributors can find out more about our AVG Business solutions with integrated AV 2016 at www.avg.com/service-provider-solutions.
We have seen an incredible excitement in the MSP market surrounding our release of Managed Workplace 10. This month, we have continued this momentum with new security and key enhancements.
Managed Workplace 10 now includes integrated advanced security features from our award-winning AntiVirus 2016 engine, in addition to expanded remote control functions, alerting and customized reporting enhancements.
This is all part of our Managed Workplace Service Pack 1 release, available now.
A few highlights include:
- Advanced AVG AntiVirus 2016 Engine
- Advanced heuristics: Through a combination of Artificial Intelligence and advanced algorithms, stops emerging and known threats from ransomware, malware, viruses, spyware, worms, rootkits, and Trojans
- Cloud-based outbreak detection technology: Helps identify even the newest malware variants in real-time
- Advanced scanning engine: Scans your systems without impacting the day with boot-time scanning, scheduled and on-demand scans
- Online shield: Uses cloud-based detection to identify dangerous downloads fast
- LinkScanner: Assesses web pages in real-time for safe surfing, searching and downloads
- Identity protection: Shields passwords and credit card numbers from hackers and scammers
- Email protection: Protects confidential data from latest spam and phishing attacks
- Firewall protection: Strengthens your perimeter of defense, stops the spread of viruses
- Enhancements to Premium Remote Control
- Ad hoc and on-demand sessions: Offers remote support to anyone on the Internet without the need to have Managed Workplace deployed.
- End-user consent: Respects the privacy of your customers by requesting access to initiate remote control to their devices.
AVG partners are already taking advantage of Service Pack 1. An AVG channel partner in Ontario, Canada shared his feedback:
- “Managed Workplace’s integrated AV will allow us to manage threat policies and customize update and scanning schedules while centralizing threat detection into one platform.”
- “The Enhanced Remote Control feature is a welcome addition to the already fantastic Premium Remote Control client. The ability to prompt users for remote control authorization and provide remote assistance to any user via the on demand feature means we no longer need to purchase and maintain a separate remote control solution for our clients.”
Put the new features to the test today. If you’re new with Managed Workplace, join our Daily Demo by clicking here. As always, please continue to share your feedback.
Monitoring and managing your customers can be challenging as demands increase and environments become more complex. Your tools must present fast and complete information– reducing complexity, not adding to it.
In April, we introduced AVG Managed Workplace 10 – a simplified approach to RMM that enables MSPs to deliver managed services and advanced security in a simplified, scalable and applied way that also meets their own business goals.
Feedback from our AVG partners indicates we’re on the right track – take a look:
“We have used Managed Workplace since 2006; it is our eyes and ears to everything. We looked at Kaseya, LabTech, Microsoft Systems Center – but AVG had the full featured RMM solution and with Managed Workplace 10, keeps improving.”
“Managed Workplace 10 is helping us reduce our onboarding time. The change to service plans was a big step forward in terms of architecting a managed service offering. We have gained immediate time savings and it’s easier to roll this out for our technicians.”
“The AVG Managed Workplace service templates are a stroke of genius. We literally onboarded a new customer on the first day of the product’s release and applied a monitoring, antivirus and proactive plan for a new customer within 10 minutes. We removed about five days of technician time thanks to the solution.”
“We can see that AVG Managed Workplace represents a significant improvement. We like the ability to apply a service plan to a site and like the fact that these are customizable. We also see the ease of use in setting up services and linking these to the service plans and speeding onboarding.”
“Using AVG Managed Workplace 10, onboarding is a breeze. There are multiple things you need to do when onboarding customers and setting up a site but with AVG Managed Workplace’s service plan model, all the alerting is pre-configured and ready to go. You don’t have to go in and customize each individual client based on the service plan they are part of and you can see quickly how the customer is being supported and the specific environment.”
“During the beta process, AVG really encouraged us to put Managed Workplace through its paces. They gave us a checklist of items to try and it enabled us to experiment with everything – it was a fantastic approach. We upgraded all customers without a hitch.”
“We have used different RMM tools in the past but they either had terrible support or too much required maintenance. AVG has a good balance of necessary information, self-management, and of course, price point. With the new Managed Workplace 10, we were able to easily transition our clients into standardized Service Plans. It was easy to reassign sites into their proper service plans. Configuration changes can now be adjusted very easily and only one time!”
Put Managed Workplace to the test today for your business. Join our Daily Demo and experience the simplicity by clicking here.
Phishing is on the rise as hackers are finding easier and less expensive ways to launch attacks. Every solution in our AVG Business product portfolio detects and protects against phishing.
Phishing is a security hack to trick you into providing usernames and passwords to your accounts. Usually sent as a legitimate-looking email from a company you may use or buy services from, a phishing hack will ask you to login to your account to verify some information.
The email may communicate that your account has been, or will be, closed down unless you act promptly. The email is actually not from a legitimate or trustworthy company. With one click, you’ll be directed to a fake website and any login or user information will be sent to the hacker.
The good news is every solution in our AVG Business product portfolio detects and protects against phishing. Educating your business clients is the next step in a good defense.
AVG Business portfolio detects and protects
Our LinkScanner® is a security feature in every AVG Business product, including AVG AntiVirus and Internet Security Business Editions, AVG CloudCare and AVG Managed Workplace. To protect against phishing, the feature checks web pages in real-time before they open in browsers, displaying immediate alerts to help eliminate click throughs to compromised web pages.
The advanced technology powering this feature takes a multi-layer approach to identify and stop “phishy” emails:
- First, we scan the web continuously to identify “phishy” emails and websites linking to these.
- Next, we analyze those websites and also compare them with legitimate sites. In this process, we identify unique characteristics in the way web pages are coded to identify if it is a phishing site – similar to taking a “fingerprint” of the phishing website.
- Then those “fingerprints” are automatically added to your AVG software’s virus database so it can identify this phishing site and other sites that may use the same or similar code.
- AVG monitors any web links that you click and stops phishing pages from loading and displays a message alerting you to the danger.
Please share this education about phishing with your business clients and continue to put advanced detection and protection in place with AVG Business solutions.
This year, we are leveraging the power of distribution to help our channel partners take their security business to the next level. This is also aligned with our partner-focused approach.
Our distribution strategy will provide access to specialized, geo-specific distribution companies. This will increase ease of doing business for our partners.
Our distribution partners can provide services ranging from logistics to pre-sales, finance and technical support. Our AVG Business Sales team will remain heavily engaged with our growing partner base, and at the same time, develop new accounts and relationships within our distribution partner network. We will also continue to work with our large top-tier distributors to complement our model.
We have recently onboarded new distribution partners in the UK, Ireland, the DACH region and North America.
And today, EarthBend joined our channel as a new AVG Business distributor for North America and Canada.
Here are a few facts about our new partnerships:
- EarthBend, based in Sioux Falls, South Dakota, is a fast-paced, fast-growing distributor that serves businesses in the U.S. and Canada
- AVG will be the primary business security and managed services solutions provider in EarthBend’s product portfolio
- The specialized distributor is an experienced MSP with a history of selling AVG Managed Workplace and known for its highly skilled, certified account and engineering team
- CMS Distribution
- Joined our channel program in March 2016
- Independent value added distributor in the UK and Ireland
- Serves 3,000 resellers, including the top 100 value added resellers in the UK
- ADN Distribution GmbH (ADN)
- Joined our channel program in May 2016
- Value added distributor in Central Europe
- 20+ year history in security, managed services and RMM solutions
- Joined our channel program in May 2016
- Value added distributor in Europe serving 7,500 resellers (2,500 in Germany)
- 20-year history in IT solutions
- Sole focus on IT security (including managed services and managed security solutions)
- Existing AVG distributor, expanded its AVG Business EMEA footprint in May 2016
- Specializes in IT/communications technology in EMEA emerging markets
- 27,000 active customers in over 65 countries
We look forward to extending the benefits of our distribution model for our partners as we build out our strong, channel program.
Should be “Shot at sunrise” is the opinion of U.S. politician Michael C.Burgess, the representative for Texas, when talking about the cybercriminals who distribute ransomware that victimizes consumers and businesses.
Ransomware, malicious software designed to block access to a computer system until a sum of money is paid, and the use of exploit kits to distribute it, are adding new challenges to threat detection and protection. And now Angler, an exploit kit, which has been a known Internet threat since 2013, is being used to distribute ransomware. With the sole intent of installing ransomware on victim’s machines.
Our AVG Web Threats team is tracking these widespread ransomware attacks being delivered by the Angler crimeware exploit kit.
The use of exploit kits to distribute ransomware is a new trend – one that could cause widespread ransomware distribution. Exploit kits are software packages readily available for sale and are used by malicious operators to easily create malware that performs a wide variety of malicious functions. The malware is installed on hacked web servers and attacks the machines of visitors to web sites, in many instances, without their knowledge.
There is a common misperception that web users are only at risk if they browse risky sites, however, hacked sites are often brand names and appear safe. Small business sites in particular can be prime targets because they have less security and their visitors typically know the company and trust their brand.
The malware on these sites seeks out vulnerabilities in commonly used tools that improve website experiences, such as Flash, Silverlight and other software that employs Java and PDF-format files. The malware then runs malicious code on the visitors’ machine to install ransomware, backdoors and Spybot clients.
Our AVG Web Threats team has researched a particular instance of a Java exploit commonly found in association with Angler. This threat is detected by AVG, which we’ve been detecting since January. AVG customers who participate in anonymous threat sharing reported 6,123 hacked domains serving Angler in January, 8,260 in February and 4,412 in March.
Angler ransomware installs
TeslaCrypt is the most common type of ransomware installation currently that’s associated with Angler, according to our AVG Web Threats team analysis of this threat. TeslaCrypt encrypts users’ files, including writeable shares, and messages the user to extort payment for recovering the encrypted data. Paying the ransom to unlock files typically does not result in the recovery of the files.
Below are screen shot examples of ransomware attacks that attempt to extort $1,000 USD, payable through the untraceable currency of bitcoins.
Our AVG Web Threats team track the Angler-infected host machines have also tracked incidences of downloading malware known as backdoor malcode (commonly Bedep). Backdoor, or Bedep, can snatch passwords and personal confidential data from visitors’ machines.
Protecting your desktop
AVG recommends that consumers and businesses take the following preventive measures:
- Frequently backup data and important files; do not leave the backup device connected to the machine
- Ensure that security software, such as AVG, is up to date
- Ensure that Windows updates are downloaded and installed; doing this automatically is recommended.
- Update browsers and ensure you are using the latest versions available
Protecting web servers
Malicious code from the Angler exploit kit is initially installed on the web pages of vulnerable servers. For businesses, standard security precautions and monitoring are the basic defense. Researchers find a large number of Angler injections on WordPress and Apache servers – these should be given an extra measure of scrutiny.
- Ensure all Operating System patches and updates are applied quickly
- Regularly review and assess the state of 3rd party software running on the server. For example, vulnerabilities in packages like WordPress are particularly important, as these are common attack vectors
- Consider removing site content and 3rd party software that is out of date or not being used
- Keep backups of websites in a safe place (not on a shared directory); offsite backups are best
- Monitor web pages for unexpected and unauthorized changes
- Keep antivirus and other security software, such as AVG, updated
- Consider using intrusion detection applications, such as AVG
Our AVG Web Threats team continue to monitor and track threats such as Angler, so that we can deliver the security you need to keep your devices and businesses safe.
Ransomware will prevent file access, web browsers, applications, and entire operating systems – holding the lifeblood of a business operation ‘hostage’ until a ransom is paid.
At AVG, we use a multi-layered security approach with multiple layers of inspection and testing to identify and eliminate a wide variety of malware, including ransomware. When accessing a file, our multi-layered security approach uses several different inspection and detection techniques, as detailed below, to determine whether the file is malicious.
Simply described, the process includes these layers:
- Files are first compared to any known variants in a malware database – both the metadata and content of the files are analyzed
- Files are then tested in an emulator (a virtual computer)
- Now that the file is running, its behavior is assessed using a variety of techniques, including Artificial Intelligence algorithms
- Behavioral assessments occur in the AVG application and in the cloud, but they all work together behind the scenes and in real-time to determine whether a file is malicious
- If the file is determined to be malware, it is quarantined, and AVG’s Crowd Intelligence feature updates all AVG software
We also regularly submit our security software to independent test labs. Results from these independent tests serve as more proof points to the effectiveness of our technology and multi-layer approach. Our latest round of testing by AV-Test.org earned a six out of six rating – the highest rating for protection. In a recent Real-World Protection Test by AV Comparatives, AVG scored a 99.8% detection rating.
It is difficult to predict and guard against everything hackers may throw our way, but in the face of constantly evolving threats, a multi-layered security approach is a smart strategy.
To find out more about our AVG Business Edition solutions, please visit our business security page.
“SMBs are not just targets of cybercrime, they are its principal target”
says a U.S. Security and Exchange Commission report from last fall. In fact, the majority of all targeted cyberattacks last year were directed at SMBs.
The New York Times, in its article No Business Too Small to Be Hacked, said that 60% of all online attacks in 2014 targeted small and mid-sized businesses. Of those attacked, more than half (60%) would go out of business within 6 months of a data breach. That’s a lot of broken dreams and heart ache because of a lack of security.
Small businesses lack IT expertise and budget
SMBs make attractive targets because they often neglect their security or rely on older consumer security software for protection. Money is always an issue, and sometimes the budget doesn’t allow for an expensive security package.
Just recently, our free, cloud-managed security solution, Avast for Business, passed a milestone – more than 1 million endpoints protected in less than a year. From our relationship with IT admins in sectors as diverse as Education, Non-profits, Retail, IT consulting firms, and SMBs, we have learned that many organizations lack in-house expertise or resources to install costly and complex security solutions.
“All we wanted was a simple security solution that worked, and I knew we didn’t have to pay a fortune for it,” said Tyler Hisel, an IT technician in Ohio. “Avast was cost saving and had lots of features that I was surprised came free,” he said, “I’ve got to hand it to you, it’s really an impressive product and it being free just makes it better.”
How to protect your organization from cyberattacks
- Install Avast for Business to protect your PCs, Macs, and servers from hackers and data breaches. Avast for Business is easy to deploy and monitor. Our customers tell us that even IT-challenged staff have no issues using our security solution.
- Create strong passwords. This is an easy piece of advice that many small business people fail to take. We understand that using passwords which are 20 characters with a mix of capital letters, numbers, and symbols is challenging to manage. That’s why Avast has created Avast Passwords, a free password management system which creates strong, unique passwords for each of your accounts. It’s free in all Avast Antivirus programs, and synchronizes across your devices.
- Train your employees. Many hacks originate from employees clicking on malicious links or websites. Explain the concept of social engineering to your employees, what the most recent methods of attacks are, and the latest malware threats. Follow this blog or Avast on Facebook or Twitter to stay informed.
Avast for Business is available for every business worldwide
Avast for Business is free for every organization worldwide. Visit Avast for Business to learn more and sign up.