On Tuesday, over 12,000 Ukrainian computers running older versions of Windows were infected by a variant of the Petya ransomware, and it has now spread to over 60 countries. If the recent massive WannaCry attack wasn’t a wake-up call for you to be protected, this should be.
The Petya attack had global repercussions, impacting global shipping operations at Maersk and even forcing the Chernobyl nuclear plant to manually monitor radiation levels. And now a Cadbury chocolate factory in Tasmania has been forced to shut down! (Now they’ve really crossed the line!)
As we pointed out previously, ransomware has been predicted to grow in prevalence and WannaCry still remains a threat, with traffic cameras in Australia being infected just last week.
Your Wake Up Call
So what do you do?
Update your antimalware and security software.
Most major software providers quickly moved to make sure that their products detected and blocked this threat. Because the actual Petya and its variants have been in the wild for some time, the more effective products would have blocked the current attack.
Our banSHIELD antimalware systems use components tied to real time, global threat intelligence networks, in order to respond to this constantly changing environment.
Keep your operating system up to date.
Many of the computers infected in both the Petya and the previous WannaCry attacks were still running Windows XP. Even though Microsoft released a patch for XP to deal with WannaCry, Windows 10 had been patched well in advance of that attack.
As always, it is essential that your operating system be totally up to date. Make sure your Windows updates are automatically installed.
If you’re developing your own software, make sure your development and update process is secure.
There is evidence that the first computers in the Petya attack were infected via the updater from a Ukrainian tax accounting software developer. If you’re doing any in-house development, make sure both your development process and your updates are secure.
Even if you don’t do any software development, it is recommended that you only use software that is frequently updated and patched against vulnerabilities and that the updates and drivers are digitally signed or otherwise securely delivered.
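One way to check that updates are digitally signed before installing them, shown as an added example that is not from the original article or any vendor's product: a PowerShell function that accepts a package only if its Authenticode signature is valid and its signer is on an allow-list. The function name, the staging folder and the thumbprint value are assumptions and placeholders.

```powershell
# Added example: gate an update package on its Authenticode signature.
# The thumbprint below is a constructed placeholder; replace it with the
# thumbprints of the publisher certificates you actually trust.
$TrustedThumbprints = @(
    '0000000000000000000000000000000000000000'   # placeholder, not a real certificate
)

function Test-UpdatePackage {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Path,
        [Parameter(Mandatory)] [string[]] $AllowedThumbprints
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{ Path = $Path; Trusted = $false; Reason = 'File not found' }
    }

    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # Status is 'Valid' only when the file hash matches the signature and the
    # certificate chains to a trusted root. NotSigned, HashMismatch,
    # NotTrusted and UnknownError are all rejected here.
    if ($sig.Status -ne 'Valid') {
        return [pscustomobject]@{ Path = $Path; Trusted = $false; Reason = "Signature status: $($sig.Status)" }
    }

    # A valid signature from an unexpected publisher is still rejected.
    if ($AllowedThumbprints -notcontains $sig.SignerCertificate.Thumbprint) {
        return [pscustomobject]@{ Path = $Path; Trusted = $false; Reason = "Unexpected signer: $($sig.SignerCertificate.Subject)" }
    }

    [pscustomobject]@{ Path = $Path; Trusted = $true; Reason = "Signed by $($sig.SignerCertificate.Subject)" }
}

# List every package in a staging folder (hypothetical path) that fails the check.
Get-ChildItem -Path 'C:\UpdateStaging' -Recurse -File -Include *.exe, *.msi, *.dll |
    ForEach-Object { Test-UpdatePackage -Path $_.FullName -AllowedThumbprints $TrustedThumbprints } |
    Where-Object { -not $_.Trusted } |
    Format-Table -AutoSize -Wrap
```

A signature check only shows that the package came from the holder of the signing key and was not altered afterwards, so it complements a secure development and update process and does not replace one.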
Don’t pay the ransom.
Almost all security experts agree that giving in to ransom demands only perpetuates the problem by ensuring the profitability of ransomware as a criminal activity. Remember that even if you pay, there’s no guarantee that you will get your files back.
There are some claims that a few victims of the WannaCry attack had their files released. Even if this were true, the nature of that attack and the way ransom payments were handled make it unlikely that the perpetrators would have the means to decrypt the hundreds of thousands of computers infected on the basis of who had paid.
Back up your files, locally AND in the cloud.
Local backups are good for quickly recovering lost data. But supplementing them with a cloud-based system gives you the ability to retrieve data after a major catastrophe.
And cloud backups are the best way to keep your data safe, even if ransomware locks up your critical files. In fact, we recently made significant security improvements to the cloud components of our Disaster Continuity System. The banSHIELD cloud backup also uses the same system. So now your data is not only retrievable during regional disasters…but it’s now safer than data stored by many regional banks.