In the past 36 hours, we have been made aware of a security event that we would like to keep everyone informed of, 

Here’s what we know: 

A malicious entity — or entities — was able to access the customer’s account, most likely through a cached browser session, and was then able to  to distribute ransomware across multiple endpoints.

2-factor authentication was not enabled in this environment.

If 2FA had been enabled, it is likely this malicious activity could have been prevented.

At this time, the incident is confined to one customer. However, this same attack tactic was previously leveraged against othersusing other software, and it is clearly a tactic that attackers will try to use again. Therefore, it is imperative that customers enable 2-factor authentication.  

In addition, we strongly encourage employing other security best practices, including using a secure password manager, rather than reusing credentials and/or storing them within browsers.

If  you already have the ability to enable 2FA we recommend you do so.

If you are already a Managed Service customer of SMB TECH Group no action is needed by you, we already employ this as a standard policy.

If you do not have the ability or implement, please employ someone to do so, or give us a call.

We recognize that there is an inverse correlation between enhanced security policies and convenience. We want to be mindful of providing you with the most powerful and convenient  tools, while also providing security mechanisms that you can employ to help ensure that we all stay on top of the ever-changing world of security.