This past Tuesday, an international cyber attack crippled devices from the U.K to the United States. While this story sounds eerily similar to recent headlines (because it is), the new ransomware is a variation of Petya, a piece of ransomware that targets mostly business users. The cyber attack that occurred this past Tuesday has been named ‘ExPetr’ by the security experts at Kaspersky Lab. The hackers used various routes to penetrate their victims’ network. In most cases, the user received a malware that had been disguised as a system update. In some cases, malware was spread by a third-party software update. A majority of the computers that were hit were based out of the Ukraine. In fact, the attack happened on the same day as the assassination of a Ukrainian military intelligence officer and a day before a national holiday. Because of this, many have speculated that this cyber attack was less about money and more about disrupting Ukrainian organizations, but this is yet to be confirmed.
Ransomware or not, the attack left thousands scrambling to retrieve their data. The attack has hit major companies such as FedEx, Cadbury, and Merck. One notable and scary attack happened on the infamous Chernobyl Nuclear Plant’s radiation-monitoring system.
While ExPetr exploited the same vulnerability as WannaCry, the distribution of this malware differed as this appeared to be a more targeted attack, hitting major companies and local government software. WannaCry and ExPetr have both been linked to EternalBlue, part of the information dump made by the Shadow Brokers during the NSA hack.
For business owners, it is critical to make sure that your employees and staff are aware of what is happening within the cyber security world. In 2017, we have seen unprecedented cyber-attacks, and with this latest attack affecting major corporations, we are urging all business owners to keep their employees up to date with security awareness. All it takes to infect your network is for one employee to unknowingly open a malicious link.
Below are 3 important tips on how to stay safe during these attacks.
- Always make sure that your information in backed up, especially your important and sensitive files. Backup files to a hard-drive or to cloud-based sites such as DropBox.
- BEWARE of fake emails and links! Phishing attacks are happening all the time. Do not click on any link that seems suspicious. Malicious links can also be shared through friends Facebook and social media accounts that have been compromised. So keep in mind a malicious site or message could unintentionally be passed to you from a known contact.
- Regularly update your operating system, applications, and anti-virus. As new threats happen, these updates contain patches to reduce the risk of being comprised.
In this blog post, we discuss how outsourcing cybersecurity operations to a vCISO can help businesses, including SMBs, tackle the cybersecurity talent shortage.
In this blog post and video, we explore need-to-know privilege in cybersecurity and why it’s important for organizations to assign user permissions on a need-to-know basis.
In this blog post, we discuss the importance of email security for businesses and explore the VIPRE and Sendmarc email protection technology solutions.