World-hitting Petya Ransomware attack follows close on the heels of WannaCry
28 June 2017
Businesses hit by WannaCry back in May are just about recovering (or facing large financial and operational repercussions), but for many, the nightmare is starting again, this time in the guise of an updated version of the Petya (also known as NotPetya) Ransomware worm.
This time around, it looks as though the attack has had a greater impact in Europe, with Ukraine and Russia being the most affected. Organisations ranging from multinational banks, airports and even the Chernobyl nuclear power plant have been affected. Despite a focus in Eastern Europe, the reaches are once again global, with reports of a Cadbury chocolate factory in Australia forced to temporarily shut down as a result of the attack.
The French advertising firm WPP has released a memo to internal staff highlighting the scale of the attack, stating that it is “a massive global malware attack, affecting all Windows servers, PCs and laptops”.
It’s alarming how rapidly and effectively an attack of this scale has been distributed globally. Once again, businesses need to ask themselves “how can we stop this from happening to us?”
Ransomware is clearly big business for cyber criminals.
One of the reasons why Ransomware is so popular with cyber criminals is that it’s so easy to get your hands on and distribute. This so-called “ransomware-as-a-service” model can be as cheap as a few pounds to purchase and free to execute. Any “proceeds” gained as a result of the attack are then shared between the provider and the attacker, as this article from Fortinet earlier in the year highlights.
Interestingly, for an attack of this scale, the payoff for the attackers has once again been relatively small in comparison. At the time of writing, the bitcoin wallet linked to the attack only contained roughly $8000 worth of bitcoin – a tiny amount compared to the significance and spread of the attack.
It’s not a matter of if, but when.
Hopefully, two attacks as high-profile as WannaCry and Petya/NotPetya are all it takes for businesses to cotton on to the definitive threat of Ransomware. It’s so important that organisations of all sizes and sectors are aware of the dangers of cybercrime, and have a security process in place to mitigate this threat. Here are five ways you can minimise the threat and damage that attacks like Petya and WannaCry can cause to businesses like yours:
1. Software security updates – both WannaCry and Petya were distributed due to vulnerabilities that already had security patches available. Ensure you keep software up to date.
2. Backup and DR – ensure your databases are backed up regularly to mitigate any damage caused by attacks like Petya. Prodec’s backup and DR services can restore your data to as little as 5 minutes before an infection.
3. Security awareness training – most ransomware is still delivered via email. Ensuring your employees are #CLICKCLEVER can make the difference. Visit www.clickclever.co.uk for a library of free anti-ransomware and anti-phishing resources.
4. Endpoint protection software – Endpoint security solutions such as those provided by SentinelOne can stop the threat of ransomware before it becomes a threat. SentinelOne is so confident in its solution, they even have a $1m ransomware protection guarantee.
5. Simulated Phishing – “Phish” your employees! Implementing simulated phishing exercises into your business is an extremely successful method of spreading awareness of the threat of email-borne cybercrime. Learn more about Prodec’s simulated phishing services here.
Ransomware isn’t unbeatable. You only need to be prepared for when, not if, it happens to you.
Attend our upcoming cyber security breakfast briefing to learn more about how you can protect your business from cyber-attacks like Ransomware.