Emerald City Solutions

Stay up-to-date with the latest technology news.

Latest Petya Ransomware Attack is Brutal Reminder of Cyber Security Importance

Latest Petya Ransomware Attack is Brutal Reminder of Cyber Security Importance

A new malware swept across the globe Tuesday, incorporating facets of many ransomwares that have made headlines recently. While it originally appeared to be a variant of the Petya ransomware, it has been determined that it shares more in common with WannaCry. However, “NotPetya,” as it has been named, has a few additional features that experts say make it worse than either of its predecessors. This cyber security threat is nothing to take lightly. 

Why NotPetya Isn’t Really a Ransomware
The first clue that researchers had that NotPetya had a different motivation was the fact that the ransom only demanded the Bitcoin equivalent of $300. Secondly, the only means of getting the decryption key was to send an email to an address hosted by German email provider Posteo. Despite the lack of preparation the payment method appeared to have, NotPetya itself was clearly designed to be able to infiltrate as many networks as possible and do maximum damage once inside.

A Hybrid Hacking Attack
Since the attack commenced, researchers have ascertained that despite its initial similarities with Petya, NotPetya shares many traits with other malicious programs. Like WannaCry, the attack that affected much of Europe, NotPetya leverages EternalBlue. EternalBlue is a National Security Agency hacking tool that targets unpatched systems and steals the passwords that allow administrator access. In addition to EternalBlue, NotPetya also utilizes EternalRomance, another code that was stolen from the NSA.

Once NotPetya has infected one computer, it extracts passwords from its memory or the local filesystem to allow itself to spread--including onto updated and patched Windows 10 systems.

How To Protect Your Files
First off, don’t expect that you can retrieve your files just by paying the ransom. Even if those responsible for NotPetya intended to keep their word and return them once paid, Posteo has shut down the provided email account victims were to receive their keys from. As a result, unless a victim was already following certain best practices, their files are as of yet unrecoverable.

However, this does not mean that everyone is vulnerable to this attack. Before the EternalBlue and EternalRomance exploits were distributed on the dark web, Microsoft had already released patches for the vulnerabilities. However, if these patches were not applied, a user’s systems were (and are) still vulnerable.

The best method to avoid infection from this kind of attack is to ensure your users understand the importance of cyber security efforts, and that all of your business’ systems are reinforced against the latest threats by keeping your defenses up-to-date.

Furthermore, even an infected user is not without hope if they have been backing up their files. If they have done so, all they have to do is disconnect their computer from the Internet, reformat their hard drive and restore their data from their backup solution. However, for this to work, you have to also be sure that your backups are up-to-date, and that your backup is stored in an isolated location, separate from your network.

Emerald City Solutions has the experience and expertise to help prevent you from becoming a victim of a malware like this, whether we help you manage your backups or help educate your users to avoid attacks like these in the first place. Give us a call at (206) 340-1616 today.

Businesses Running Outdated Software are Taking a ...
Two Approaches to IT Support. One Clear Winner

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 17 August 2017

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Blog Archive

Tag Cloud

Tip of the Week security email technology Best Practices malware Business Computing Privacy IT Support User Tips Cloud Hosted Solutions Internet Business Management Software Backup hackers Ransomware Small Business Social Media Unsupported Software Passwords Google phishing business Managed IT Services Efficiency business owner devices App Alert Facebook Cloud Computing Gadgets Outsourced IT Smartphone Windows emails Android Managed IT Microsoft Marketing Browser Productivity threats Hardware Screen Mirroring Disaster Recovery IT Services Touchscreen WIndows Server 2008 Office 365 Consultant BYOD Windows 10 Managed Service Provider locks users Patch Management Innovation Unified Threat Management time email protection Mobile Device Management Vulnerability Apps blocks admittance Outlook Nanotechnology Meetings Cybercrime employees today ’s Internet Data Security Smartphones text messages Shortcut Network Webinar Best Practice Business ’ Security Businesses HBO SaaS Root Cause Analysis Facebook pop-ups Excel IT solutions network security Emerald City Solutions Google Drive iOS Save Money Application search engines Microsoft Office Commerce Operating System Upgrades data leak access Data Protection Business Continuity Augmented Reality Computers Data Recovery Windows 10s Law Enforcement company ’s network today ’s business world Risk Management Audit Chrome Social Engineering Virtualization Hosted Solution Solid State Drive WiFi solutions IT Management Cybersecurity Spam Employer-Employee Relationship business computer system Data Storage Hard Disk Drive Wireless mobile business IT Solutions Computer Care CrashOverride Communications snail mail Information Technology consumer goods Money cyber threats Proactive IT Computer Fan OneNote Telephone Systems spam cost technology research organization Cast Computer BDR

Recent Comments

No comments yet.