Pulse Technology Solutions Blog

Pulse Technology Solutions has been serving the Fort Myers area since 2006, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Another Week, Another Ransomware Attack — Here’s How to Avoid it and Keep Your Data Safe

Last week, less than a month after the WannaCry ransomware attack infected more than 250,000 computers in 150 countries, security experts announced new revelations about a new attack, which originated in the Ukraine and spread to Russia, Poland, Italy, Germany, France, Spain, and the United States, along with nearly 60 other countries.

This attack began with a specific target: 12,500 machines running older versions of Microsoft Windows and software owned by M.E.Doc, a tax-accounting company based in Ukraine. Several private companies, including the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, and TNT Express, a global subsidiary of FedEx, were subsequently struck with a message featuring red text on a black screen: “Oops, your important files have been encrypted. If you see this text then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking to recover your files but don’t waste your time.”

What made this attack significantly different than past ones, however, was that “waste of time” part — within hours, the hackers’ email address used to collect Bitcoin payment required as ransom was shut down, eliminating their ability to communicate with victims and restore access to encrypted data. As many baffled security experts speculated, if the hackers launched their attack to make money, they failed spectacularly.

Instead, some theories now hold that the attack was disguised as ransomware but meant to permanently wipe as much data on as many hard drives as possible. Researchers at Kaspersky Lab speculated that it was a “wiper” attack that used the media frenzy surrounding ransomware as a ploy to drum up attention. Still, that attention is needed to stem the tide of ransomware, one of the most tried and true vehicles for cyberattack.

Ransomware relies on locking a victim out of his or her own files until they pay a certain amount for a decryption key. Last year, security researchers estimate that cybercriminals made more than $1 billion via ransomware attacks, with targets ranging from Fortune 500 corporations to independently owned small businesses and even private individuals. But the WannaCry attack and this most recent one, alternately identified as Petya, NotPetya, ExPetr, and GoldenEye, took in only $100,000 combined.

Both spread by combining traditional ransomware assaults with an operating system vulnerability left open when software updates for Microsoft Windows were not installed. That allowed the attacks to grow quickly, exploiting lone unprotected machine to then infect devices across any connected network. WannaCry’s global spread was stymied by a rogue security expert who registered a domain name for $10 and halted the attack in its tracks. Last week, a German email provider shut down the address associated with ransom payments, stopping the so-called Petya assault within a day.

Here’s what we suggest to keep your business safe:

Ensure that all software patches and security updates are properly deployed.

WannaCry and Petya both took advantage of a publicly acknowledged vulnerability in older versions of Microsoft Windows. Any business with a trusted IT partner by its side would have had that patch deployed earlier this spring. After WannaCry, extra precautions were taken, as well. But in Petya’s case, even one vulnerable system could have taken down any protected ones that were connected on the same network, which makes comprehensive security so critical.

Never click any link or download any attachment in a suspicious email.

Although the two most recent global ransomware attacks were not spread via the standard phishing email method, all it takes is one errant click on one illicit link or malicious file to put an entire business’ computers at risk. Training your employees to quickly identify and avoid suspicious emails is a baseline for online security.

Always back up your data.

Creating regular, redundant, and remote backups of your critical business data is one of the most important security measures you can take for continued success. While free solutions exist on the open market that may indicate they’re backing up your entire computer, reliable data backup performed on a regular basis by a trusted IT provider is the safest way to prevent any ransomware attack, virus infection, or data breach from knocking your business out of commissions. Oh, and make sure your backup retrieval procedures are well vetted and regularly tested — if your data is lost, you want to be able to quickly restore it in the event of a cyberattack or natural disaster.
3 Ways Remote Monitoring Helps Businesses
Solid Vendor Management Leads To Solid Successes
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 25 July 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Cloud Business Computing Best Practices Malware Hackers Productivity Privacy Network Security Managed IT Services Backup Business IT Services Internet Outsourced IT Microsoft Software Windows 10 Computer IT Support Ransomware Social Media Mobile Devices Email Hardware Google Unified Threat Management Business Continuity Recovery Workplace Tips Productivity Efficiency Communication Work/Life Balance App Smartphone Remote Monitoring Managed Service Provider Apps Innovation Training Hosted Solutions User Tips Disaster Recovery Save Money Paperless Office Big Data Managed IT Services Firewall Mobile Device Robot Data Android Office 365 Facebook Collaboration Telephone Systems Risk Management Data Management How To IT Service Hosted Solution SaaS Cybersecurity Password Cloud Computing Managed IT Content Filtering File Sharing Internet of Things IT Support Education Twitter IT Management Data Storage Health Taxes Data Backup Small Business Virtualization VoIP Alert Browser Virtual Reality Money BDR Botnet Wireless Smartphones Politics Uninterrupted Power Supply Vendor Management Phishing Physical Security Hacker Computer Care VoIP BYOD Windows Automobile Mobile Device Management Going Green Digital Upgrade G Suite Digital Payment CCTV Software Tips Encryption WiFi Help Desk Emoji Spyware Law Enforcement Remote Computing Quick Tips Tech Support Maintenance Administrator GPS Computing Employer-Employee Relationship Electronic Medical Records Server Gadget Processors Google Drive IT Consultant History Budget IBM Social Business Management Tracking Unsupported Software Sports Cybercrime Tablet Business Growth Avoiding Downtime Wireless Technology Cabling Websites Corporate Profile Document Management How To Travel Apple Holiday Samsung Time Management Infrastructure WannaCry Downtime Virus Cortana Analytics Motion Sickness Customer Service Network Management Information Technology Disaster Error Monitors Sync Identity Theft Mobile Data Chrome Meetings Google Maps Computers Legal Cleaning Private Cloud Data loss Personal Information Mobile Device Managment Crowdsourcing Update Firefox Webcam Telephony USB Word Public Cloud Mobility Government Chromebook Customer Relationship Management Network Point of Sale Automation Notifications Staffing Solid State Drive IT Solutions Communications YouTube Wi-Fi Supercomputer Assessment Web Server Hard Disk Drive Upgrades Settings Computer Repair IT Budget Artificial Intelligence Black Market Consultation Cameras Licensing Office Files Office Tips Bandwidth CrashOverride Touchscreen Cost Management Windows 10 Tip of the week Thank You Congratulations Hacks

Newsletter Sign Up