Petya and the Threat of Ransomware Fatigue

Posted by: TAZ Networks on July 7, 2017 at 3:00 pm

Raise your hand if you’re tired of hearing about ransomware…

Here’s a little secret: we’re tired of writing about it. But, as hackers come up with new and imaginative ways to exploit security gaps, we all must remain ever vigilant. For you as a business owner, it means making sure your business data is as secure as you can make it. For us as your technology partner, it means staying on top of all of these threats… to keep your business data as secure as we can make it.

Thus we soldier on, letting you know about the latest threats and what you need to do to secure your business.

The Latest Threat – Petya, (or Something Like It)

Petya is currently making headlines – and for good reason. While systems in Ukraine appear to have been the primary target for the recent attack, major international players were affected including Merck, the US-based pharmaceutical corporation, and Maersk, the Danish shipping company.

One detail to note: while this malware is commonly referred to as a variant of Petya, the security experts at SonicWall say it is not actually related to Petya ransomware, which was big news in 2016. “In fact,” they explain, “it masquerades as ransomware but there is no decryption capability, so in reality this is a wiper-type attack which is generally used as a cyber weapon for targeted data destruction.”

What this means, in short, is that if your network is infected by this attack, there is actually no way to decrypt your data. Your only option is to restore from backup. The FBI recommends never paying ransomware demands. The fact that hackers may not actually provide a recovery code is a key reason to follow this advice.

This is also a reason we can never let our guard down – what may seem like one kind of attack when the first headlines launch, may turn out to be something different in the end. While basic security standards should protect you from most attacks, the specific defense or recovery details may differ.

Let TAZ Networks Think About Ransomware So You Don’t Have To

As with WannaCry and other news-making threats, we have been taking ongoing, proactive steps to keep our clients safe from ransomware and other malware attacks. Here’s how:

1. Proactive Managed Updates. This “Not Petya” attack exploits the same weakness in Microsoft Windows as WannaCry. This security gap was patched by Microsoft in March. We review these security updates and push them out to our clients as soon as we are confident that they are compatible with applicable systems. We also proactively recommend upgrading away from unsecure systems. Unfortunately, Windows 7 is increasingly falling under this label of “unsecure.” We encourage our clients move up to Windows 10 as soon as possible.
2. Firewall. Every TAZ Networks Managed IT Care client has a firewall – this is a requirement of participating in our managed services program. The protection offered by a comprehensive firewall security device cannot be overstated. We set these up with specific security standards, ensuring ONLY necessary traffic gets through. Even approved traffic is inspected for malware, viruses and other attacks.
3. Anti-malware and anti-virus. Malwarebytes explains the difference: “Antivirus protects users from lingering, predictable-yet-still-dangerous malware. Anti-malware protects users from the latest, currently in the wild, and even more dangerous threats.” Yes, you do need both, and we include them in every Complete Managed IT Care service package.
4. Backups. With an encryption attack, backups are often the only way to get your data back without paying. We offer backup solutions that can be customized to your security needs, work flow, data capacity, and budget.
5. Education. Via our newsletters, blog, and social media, we publish and share many tips to know what to look for, and what each individual user can do to keep your network safe.

We are still planning an executive lunch on cybersecurity for later this year. Please watch for your invitation!

As we said in a recent Tweet about WannaCry: “One ransomware down, infinity to go.” Cyberattacks will never stop. They are going to get more frequent and more damaging. Proactive security can prevent major downtime, dollars lost, and possibly losing your business.

Is your business computer network secure? Make sure with our Network Security Assessment. Fill out the contact form at the right for details.