Skip to content
Over the Fourth of July weekend, prominent IT services provider SHI International, was a victim of a major malware attack. Based in Somerset, New Jersey, SHI is a private provider of tech services and a supplier of tech products to over 15,000 organizations and customers around the world. Their “recent security incident” and the integrity of their systems are still amid a thorough investigation with the help of law enforcement, federal agencies, and forensic experts.
Kevin McDonald (COO/CISO of Alvaka Networks) reassures that it’s a good sign that SHI systems are still down because it indicates that the company is taking their time to assiduously review the faults in their software and bring back their networks “in a secure and reliable manner.” In the interim, it is suspected that this attack was organized by sophisticated bad threat attackers for an “all-out ransomware attack” specifically targeting MSPs or Managed Service Providers such as SHI.
These cyber and ransomware attacks are becoming increasingly more common among MSP security vendors due to the fact that these Managed Service Providers “hold and manage vast amounts of customer data and critical information.” They are also much easier to infiltrate than government institutions since they lack tight security. SHI assures their clients that their internal systems and customer data is safe since there is “no evidence to suggest that customer data was exfiltrated during the attack. No third-party systems in the SHI supply chain were affected.”
Alvaka Networks’ Kevin McDonald says that though it’s premature to say what the overarching impact on the customers may be, there’s a high chance that the firm was fortunate enough in its network segregation. It seems as though the attack was contained and SHI’s IT teams and security foiled the hackers’ plans for extortion. The FBI and National Security Agency warn MSPs around the world to be alert for “malicious cyber actors-including state-sponsored advanced persistent threat groups.”
Read more about this incident at the below links:
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a type of software testing performed by Alvaka after a software patching sequence to ensure that the system is working correctly and to identify any misconfigurations or conflicts within the patched system.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a term used to describe the testing process for servers after patches are applied.