SolarWinds Malware Security Breach Spares No One

December 16 2020

Details about the Russian-based malware security threat that infected an estimated 18,000 organizations continue to unfold. Over the last several days, targets and victims of the campaign, which originated from a seemingly legitimate software update of the Orion network management product from SolarWinds, have emerged and include a who’s who of the U.S. government, numerous Fortune 500 companies and potentially over 22,000 managed service providers. The U.S. Treasury Department, the Department of Homeland Security, the State Department, the Justice Department, and potentially entities from all five branches of the U.S. military installed the compromised software on their systems. SolarWinds also counts 499 of the top Fortune 500 companies as customers, so the reach of the security breach is extensive.

According to stories published on DarkReading.com and ZDNet, security vendor FireEye uncovered the malware campaign while investigating a breach on its own network. FireEye recently published a description of the malware: “SolarWinds.Orion.Core.BusinessLayer.dll is a SolarWinds digitally-signed component of the Orion software framework that contains a backdoor that communicates via HTTP to third party servers. We are tracking the trojanized version of this SolarWinds Orion plug-in as SUNBURST.

“After an initial dormant period of up to two weeks, it retrieves and executes commands, called ‘Jobs,’ that include the ability to transfer files, execute files, profile the system, reboot the machine, and disable system services. The malware masquerades its network traffic as the Orion Improvement Program (OIP) protocol and stores reconnaissance results within legitimate plugin configuration files allowing it to blend in with legitimate SolarWinds activity. The backdoor uses multiple obfuscated blocklists to identify forensic and anti-virus tools running as processes, services, and drivers.”

On Monday, Dec. 16th, the U.S. Cybersecurity and Infrastructure Security Agency issued an emergency directive, only the fifth since 2015, advising “all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.”

DarkReading.com reported, “The targeted attack has once again focused attention on the long-standing issue of supply chain and third-party security. It has also raised alarm about the extent to which Russian advanced persistent threat (APT) actors and threat actors from other countries may have insinuated themselves into, and are lurking on, U.S. critical infrastructure and networks, ready to activate at a moment’s notice.”

SolarWinds’ Orion technology monitors networks of hundreds of thousands of organizations in government, banking, healthcare and other industries.

During the past month, more than 30 SolarWinds’ MSPs have signed up with MspPortal Partners Inc, and they are now protected on one of the oldest, most established and trusted security platforms.

Stay Alert this Holiday Season

It should go without saying that when it comes to cybersecurity, if you use a computer or mobile device, you shouldn’t let your guard down this holiday season. Unfortunately, when it comes to fighting to be the first to get the new Sony PS5 or Apple AirPods Max, sometimes common sense goes out the window. Add a global pandemic, which has consumed everyone’s attention, and it’s no surprise that personal privacy and cybersecurity are not a focus or priority.

With more people working remotely and companies extending their networks to home offices around the world, nefarious practitioners have also shifted their focus. Again, it is no surprise that businesses’ response of sending people home because of COVID-19 created a gap in cybersecurity, forcing organizations to invest even more time and resources in protective measures. In addition, phishing emails related to COVID-19 have surged, along with scams and attacks related to stimulus payments.

One editor wrote, “Ask almost anyone what the top global story was for 2020, and they will likely start with the COVID-19 pandemic. But there is much more to this story.

“2020 will also be remembered as the year that security events exploded and cyber incidents transformed society in numerous ways.”

So, as we head into and slowly out of the most vulnerable time of the year, pay a little more attention to what website you are sharing your personal information with, and what email you are responding to. As you focus on taking care of your personal health and doing your part to prevent the spread of the COVID-19 virus, consider your approach to cybersecurity and do your best to avoid falling victim to or spreading digital viruses as well.

Have recent Microsoft O365 downtimes and outages impacted your customers’ productivity?

Protection with below-market pricing from MspPortal Partners Inc., which now partners with Barracuda Essentials

MspPortal Partners manages, with partners, over 15,000 MBs, from the East Coast to the West Coast, including Alaska and Canada.

Have recent Microsoft O365 downtimes and outages impacted your customers’ productivity?

MspPortal Partners Barracuda Essentials includes business continuity with data spooling, at no charge, eliminating downtime. The Email Continuity Service ensures email operations continue by failing over to our cloud-based email service, in the event primary email services, like Office 365, become unavailable. During email server outages, an emergency mailbox allows users to continue sending, receiving, reading, and responding to email.

Barracuda Essentials can also help your customers:
• Stop advanced threats: protect your customers from volumetric threats like malware and spam, as well as advanced threats like targeted spear phishing and ransomware
• Stay compliant and productive: on top of email continuity, our tamper-proof archiving ensures compliance with email retention policies
• Keep their data safe: protect your customers’ data from corruption and deletion with full cloud backup and recovery of every email and file. Keep sensitive data safe with data leak prevention and encryption.

I believe Barracuda Essentials can help add value to your business, and can not only keep your customers up and running during downtime, but can keep them safe.

If you have any questions around the solution, how to sell it, or any other questions, we will be more than happy to assist.
As always, MspPortal Partners does the initial best practice spin up, training and first and second line tech support.
MspPortal Partners has been using Barracuda Spam filtering for over 8 years with MspPortal Partners.

Roy Miehe | MspPortal Partners Inc. | CEO/President
Bitdefender – Distributor
“Where Service and Technical Skills Count”

MspPortal Partners Secures 700 Endpoint Agreement with California Secondary School

August 17, 2020

MspPortal Partners Inc. has closed on a 700-endpoint agreement with a school in California. We worked exclusively with a local reseller partner to negotiate the Bitdefender agreement that will provide endpoint security for teachers and students at the school over the next three years. Our ability to acquire endpoint security seats in bulk resulted in savings for our partners, as well as for the school.

This new contract, which was taken from a competitor, reflects our commitment to supporting large enterprise-level accounts in the education, healthcare and government markets. Earlier this month, we announced our expansion into the enterprise space with Bitdefender and our national network of reseller partners.

MspPortal Partners is building its enterprise email security business on Barracuda, which is a trusted security provider protecting millions of e-mail mailbox systems worldwide. In addition to the benefits of better pricing, resellers receive tech support across North America, five-star training and, normally, no upfront setup fees.

About MspPortal Partners Inc.
MspPortal Partners is a Managed Service Provider/Value Added Distributor for a number of security products, including Barracuda and global security leader, Bitdefender. Currently, MspPortal manages more than 400 tech firms and thousands of seats of antivirus/malware protection software and thousands of spam/malware filtering mailboxes. The company’s Managed Protection is a subscription security service that removes the cost and management overheads of hardware, people and other resources dedicated to antivirus/antispam/backups and security flaws for SMBs. MspPortal Partners’ service is complemented with in-depth malware audits, benefiting from its technology partners’ unique sandboxing and collective technologies. For more information, visit www.mspportalpartners.net.

MspPortal Partners Enters Enterprise Space Anchored by Bitdefender Technology

SCOTTSDALE, AZ. – August 4, 2020 – MspPortal Partners Inc. today announced that it is expanding into the enterprise space with long-time technology partner, Bitdefender. Currently, more than 400 tech firms across the country rely on MspPortal Partners managed services, as well as the support of the company’s more than 3,000 trained techs across the U.S. and Canada. MspPortal Partners is launching an initiative to help current and new reseller partners find enterprise opportunities within the healthcare industry, and education and government markets.
