New Ransomware Attack And How To Protect Yourself Against It



Related to a previous article published on our blog: Ransomware Part 1


Back in March of 2017, WannaCry was identified as a ransomware attack that took advantage of gaps in programming to infect machines with a virus that would lock your files until you paid for them. The fix for that problem was through a simple patch that was released much earlier prior to the attack. All the infected machines were a victim of not being up to date on patches. The same can be said for this new threat.

On June 27, 2017 there were reports of a new ransomware dubbed “Petya” spreading across Europe. The first infections had started showing up in Ukraine with about 12,500 machines being infected. This new threat is different than WannaCry because it has worm capabilities, which allows it to move laterally across infected networks. However, it still uses the same SMBv1 vulnerabilities that WannaCry first exploited.

How To Prevent It

This new ransomware takes advantage of the same vulnerabilities that WannaCry exploited, as in machines still using SMBv1 without the patch given back in March under MS17-010. The same patch you had to install to prevent the spread of WannaCry.
                
If you unable to patch your systems in time, another way to prevent the spread of this attack is to disable SMBv1 as a workaround, you can do so by following the instructions given here.
                
Since Petya needs to steal credentials from an infected machine to get access to admin share files, assign rights to everyone using least privilege to reduce the chance of the malware getting the credentials it requires.
                
Additionally, it is important to use an endpoint firewall to block workstation to workstation communication and prevent the spread across computers. Combining this with least privilege and proper account segregation for your IT staff and you'll be well on your way to a more secure environment. Lastly, accounts with server/domain admin rights shouldn’t ever be used on workstations.

 To learn more about what the comprehensive network security offerings through Vodigy please contact us.

Comments

Post a Comment

Popular posts from this blog

8 Ways Managed IT Services Can Benefit Small Businesses

Image
Businesses small and large are becoming more reliant on their IT for everything from customer relationship management to marketing. However, maintaining an in-house IT department that’s large enough to fulfill every technology goal of your business is thoroughly impractical. Managed IT services providers (MSPs) are a better alternative. MSPs help you overcome the limitations of your IT department by giving you access to a broad array of talent at a fraction of the cost. Here are a few ways we’ve helped small businesses right here in Saint Paul. #1. Reduce Labor Costs Computers might be getting easier to use, but that doesn’t mean that the underlying infrastructure of a corporate network is any less complex. By outsourcing the bulk of your computing infrastructure to an MSP, you’ll greatly reduce the need for the on-premises expertise needed to look after your technology. In fact, by enrolling with an MSP, small businesses can negate the need of an in-house IT departm
Read more

3 Ways Managed IT Services Make The Workday Go Smoothly

Image
Computers always break down at the worst times. You might try fixing it by hitting the tower, but your problems only get worse. Then you start getting the blue screen, which is not good at all. You might’ve saved your data, however, there’s a chance you lost it and need to start over.              This is a primary reason as to why it can be frustrating to deal with an IT provider that only handles break-fix jobs. They only fix your problems when they actually occur, instead of implementing services that can prevent them from happening in the long run. Businesses that try to find alternative ways to repair their technology end up wasting more time and resources when doing it themselves. Don’t let your company suffer through that, let a managed IT services provider step in and prevent your problems altogether. You Can’t Ignore Cost-Effectiveness             When you’re having IT issues, the primary goal is to fix the issue without wasting any time. Any downtime you suf
Read more

How Intrusion Prevention Systems Sniff out Sneaky Cyber Attacks

Image
It’s 2018 and in the world of cyber security, this will be an unprecedented year. Of course, last year was also terrifying, but experts warn that what lies ahead is an increase in the quantity and variety of cyberattacks. As a business, the security of your data is vital to your operations, business continuity, and most importantly your reputation. A cyber attack can be trouble for any business. For a small or medium-sized business, it can be devastating. While there are many options for dealing with the ever-present threat of cyberattacks, one method that often goes under the radar is an Intrusion Prevention System , or IPS. What Is An Intrusion Prevention System? An intrusion prevention system is an automated and proactive form of network monitoring. Everything that comes into and goes out of your network is monitored and analyzed with AI. An IPS isn’t foolproof, but it is one of the best ways for your IT support to uncover suspicious activity in real time.
Read more