New Ransomware Attack And How To Protect Yourself Against It



Related to a previous article published on our blog: Ransomware Part 1


Back in March of 2017, WannaCry was identified as a ransomware attack that took advantage of gaps in programming to infect machines with a virus that would lock your files until you paid for them. The fix for that problem was through a simple patch that was released much earlier prior to the attack. All the infected machines were a victim of not being up to date on patches. The same can be said for this new threat.

On June 27, 2017 there were reports of a new ransomware dubbed “Petya” spreading across Europe. The first infections had started showing up in Ukraine with about 12,500 machines being infected. This new threat is different than WannaCry because it has worm capabilities, which allows it to move laterally across infected networks. However, it still uses the same SMBv1 vulnerabilities that WannaCry first exploited.

How To Prevent It

This new ransomware takes advantage of the same vulnerabilities that WannaCry exploited, as in machines still using SMBv1 without the patch given back in March under MS17-010. The same patch you had to install to prevent the spread of WannaCry.
                
If you unable to patch your systems in time, another way to prevent the spread of this attack is to disable SMBv1 as a workaround, you can do so by following the instructions given here.
                
Since Petya needs to steal credentials from an infected machine to get access to admin share files, assign rights to everyone using least privilege to reduce the chance of the malware getting the credentials it requires.
                
Additionally, it is important to use an endpoint firewall to block workstation to workstation communication and prevent the spread across computers. Combining this with least privilege and proper account segregation for your IT staff and you'll be well on your way to a more secure environment. Lastly, accounts with server/domain admin rights shouldn’t ever be used on workstations.

 To learn more about what the comprehensive network security offerings through Vodigy please contact us.

Comments

Post a Comment

Popular posts from this blog

8 Ways Managed IT Services Can Benefit Small Businesses

Image
Businesses small and large are becoming more reliant on their IT for everything from customer relationship management to marketing. However, maintaining an in-house IT department that’s large enough to fulfill every technology goal of your business is thoroughly impractical. Managed IT services providers (MSPs) are a better alternative. MSPs help you overcome the limitations of your IT department by giving you access to a broad array of talent at a fraction of the cost. Here are a few ways we’ve helped small businesses right here in Saint Paul. #1. Reduce Labor Costs Computers might be getting easier to use, but that doesn’t mean that the underlying infrastructure of a corporate network is any less complex. By outsourcing the bulk of your computing infrastructure to an MSP, you’ll greatly reduce the need for the on-premises expertise needed to look after your technology. In fact, by enrolling with an MSP, small businesses can negate the need of an in-house IT departm...
Read more

A 7-Point Checklist for Unbeatable IT Security

Image
It’s no secret that cybercrime has become a multi-billion-dollar industry that affects businesses and individuals all over the globe. Unfortunately, that includes organizations right here in Saint Paul as well. However, while there might not be much you can do to stem the tide of attempted data breaches, managed IT solutions can eliminate their impact on your business. #1. Hosted Email You probably can’t imagine running a modern business without email. As the primary means of communication in the modern world, it’s imperative that you have a system that you can depend on. By migrating to a hosted email service like Vodigy’s, you can enjoy better scalability, redundancy and reduced dependence on in-house IT resources. You’ll also have the measures in place necessary for ensuring regulatory compliance. Migrating to an email solution hosted by and IT provider means being able to take advantage of security measures that would otherwise be beyond your budgetary reach. ...
Read more

3 Ways Managed IT Services Make The Workday Go Smoothly

Image
Computers always break down at the worst times. You might try fixing it by hitting the tower, but your problems only get worse. Then you start getting the blue screen, which is not good at all. You might’ve saved your data, however, there’s a chance you lost it and need to start over.              This is a primary reason as to why it can be frustrating to deal with an IT provider that only handles break-fix jobs. They only fix your problems when they actually occur, instead of implementing services that can prevent them from happening in the long run. Businesses that try to find alternative ways to repair their technology end up wasting more time and resources when doing it themselves. Don’t let your company suffer through that, let a managed IT services provider step in and prevent your problems altogether. You Can’t Ignore Cost-Effectiveness             ...
Read more