On June 27 the US Government became aware of new ransomware called Petya.
Similar to WannaCry, it didn't require any user involvement, but infected systems through operating system vulnerabilities. Its demand for ransom in exchange for a decryption key was a hoax, as encryption of Master Boot Records cannot be undone. Infected drives became unreadable, computers became unbootable, and any ransom paid was lost.
Recommended prevention steps:
- Protect endpoint Windows devices with antivirus/antimalware software from respected providers (we recommend Trend Micro). Make sure subscriptions haven't expired. Central purchasing and administration allows for consistent protection and alert handling.
- Apply operating system and device patches (especially MS17-010) and updates to both servers and end-user computers. It's true that updates occasionally cause problems, but vulnerabilities in unpatched systems increase over time.
- Apply updates to web browsers, Adobe Reader and Flash, Java, and other software regularly.
- Back up servers and file shares regularly, and periodically validate that backups were effective. Review the date, time, and status of each backup for success, and try extracting several folders and files from backup sets. Ideally, disaster recovery and business continuity solutions are in place that synchronize continuously and can spin up a server identical to the moment it failed. LeeShanok offers BDR and BC solutions that are effective and affordable.
- Make sure end users store data files on Shared Drives so they are included in backups.
- Protect end-user computers with active firewall software.
- Periodically review your network firewall. Businesses need a modern commercial-grade device. Those with business centers or Wi-Fi for guests need filtering of malicious and illegal content, and traffic shaping. We recommend Cisco Meraki and Cisco ASA with FirePower. Make sure firmware updates are current.
- Host a security policy meeting for employees and satellite offices. Partner with LeeShanok's team as you prepare. To help you, we offer a 45-minute presentation called "IT Security for the Common Worker", also available via webinar.
- Many of these checklist items are managed by LeeShanok as part of our Managed IT and Hosted service plans.
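The backup validation step in the checklist above (review the backup's date and time, then extract several files and confirm they are intact) can be scripted. The sketch below is an added example, not code from this page or from LeeShanok. It assumes a test restore has already been extracted to a folder and that the backup job's completion time is known. The names `spot_check` and `demo`, the folder names and the sample files are hypothetical and constructed for illustration.

```python
import hashlib
import os
import random
import tempfile
import time
from pathlib import Path


def sha256(path):
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def spot_check(live, restored, backup_time, max_age_hours=24, sample=5, seed=None):
    """Compare a random sample of live files against a test restore."""
    report = {"stale": time.time() - backup_time > max_age_hours * 3600,
              "ok": [], "missing": [], "mismatch": [], "changed_since": []}
    files = sorted(p for p in live.rglob("*") if p.is_file())
    for src in random.Random(seed).sample(files, min(sample, len(files))):
        rel = src.relative_to(live)
        copy = restored / rel
        if src.stat().st_mtime > backup_time:
            bucket = "changed_since"  # edited after the backup ran; not comparable
        elif not copy.is_file():
            bucket = "missing"        # file never made it into the backup set
        elif sha256(copy) != sha256(src):
            bucket = "mismatch"       # restored bytes differ from the original
        else:
            bucket = "ok"
        report[bucket].append(rel.as_posix())
    report["passed"] = not (report["stale"] or report["missing"] or report["mismatch"])
    return report


def demo():
    """Constructed sample: a three-file share and a deliberately damaged restore."""
    root = Path(tempfile.mkdtemp())
    live, restored = root / "share", root / "restore"
    (live / "finance").mkdir(parents=True)
    (restored / "finance").mkdir(parents=True)
    old = time.time() - 7200  # live files last modified two hours ago
    for name, data in (("finance/q1.txt", b"ledger"), ("finance/q2.txt", b"invoices"), ("notes.txt", b"memo")):
        (live / name).write_bytes(data)
        os.utime(live / name, (old, old))
    (restored / "finance/q1.txt").write_bytes(b"ledger")          # restores cleanly
    (restored / "finance/q2.txt").write_bytes(b"inv\x00\x00ces")  # corrupted copy; notes.txt is absent
    return spot_check(live, restored, backup_time=time.time() - 3600, sample=3, seed=1)
```

Calling `demo()` returns a report in which one file verifies, one is corrupted and one is missing, so `passed` is false. Files edited after the backup ran are reported separately instead of being counted as failures.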
Feel free to contact us to discuss your situation.