Keeping you up to date - Sord News

Cisco Umbrella: Cloud-based security

QSnatch Malware Attacks:

Only recently, hackers infected thousands of network-attached storage (NAS) devices from the Taiwanese company QNAP with a new form of malware called QSnatch.

With over 7,000 devices already compromised in Germany alone, thousands more are expected to be infected worldwide in what appears to be an ongoing outbreak.

A report from the National Cyber Security Centre of Finland (NCSC-FI) states that, based on an analysis of the malware's code, its capabilities are:


  • Modify OS timed jobs and scripts (cronjob, init scripts)
  • Prevent future firmware updates by overwriting update source URLs
  • Prevent the native QNAP MalwareRemover app from running
  • Extract and steal usernames and passwords for all NAS users

The end goal of QSnatch is still unclear, which is worrying in itself. In light of this recent attack, we believe people and organizations need to start taking extra precautions against such malware outbreaks.

Cisco Umbrella: 

Cisco Umbrella is a cloud-based security platform that operates at the most fundamental level of the internet, the Domain Name System (DNS). The network security solution provides the first line of defence when it comes to threats on the internet and gives you complete visibility into all of your organization's internet activity across all devices.

Cisco uses DNS requests to gather massive amounts of data and then runs them against statistical models that help uncover malware before it even reaches your endpoints or network. The malware is then blocked, keeping your network safe.

If your organisation has a dedicated cyber security team, you can take advantage of Cisco Umbrella Investigate. This will give you complete access to Cisco's threat intelligence of global DNS requests for a complete view of the relationships between domains, IPs, and malware. This will help you to enrich your incident response and SIEM data. 

Cisco Umbrella is scalable and incredibly simple to deploy. There is no hardware to install or software to manually update, and the browser-based interface provides quick setup and ongoing management, giving you enterprise-wide security in minutes. Also, if you already have one or more security solutions in place, Umbrella's API enables you to integrate them to amplify protection.

This is just the tip of the iceberg regarding Umbrella. Contact us for more information on all of its features and for advice on which packages would suit your organization. Email us here: Sales@sord.ie or call us on 01 295 7166.