Pulse Technology Solutions Blog

Pulse Technology Solutions has been serving the Fort Myers area since 2006, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Another Week, Another Ransomware Attack — Here’s How to Avoid it and Keep Your Data Safe

Last week, less than a month after the WannaCry ransomware attack infected more than 250,000 computers in 150 countries, security experts announced new revelations about a new attack, which originated in the Ukraine and spread to Russia, Poland, Italy, Germany, France, Spain, and the United States, along with nearly 60 other countries.

This attack began with a specific target: 12,500 machines running older versions of Microsoft Windows and software owned by M.E.Doc, a tax-accounting company based in Ukraine. Several private companies, including the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, and TNT Express, a global subsidiary of FedEx, were subsequently struck with a message featuring red text on a black screen: “Oops, your important files have been encrypted. If you see this text then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking to recover your files but don’t waste your time.”

What made this attack significantly different than past ones, however, was that “waste of time” part — within hours, the hackers’ email address used to collect Bitcoin payment required as ransom was shut down, eliminating their ability to communicate with victims and restore access to encrypted data. As many baffled security experts speculated, if the hackers launched their attack to make money, they failed spectacularly.

Instead, some theories now hold that the attack was disguised as ransomware but meant to permanently wipe as much data on as many hard drives as possible. Researchers at Kaspersky Lab speculated that it was a “wiper” attack that used the media frenzy surrounding ransomware as a ploy to drum up attention. Still, that attention is needed to stem the tide of ransomware, one of the most tried and true vehicles for cyberattack.

Ransomware relies on locking a victim out of his or her own files until they pay a certain amount for a decryption key. Last year, security researchers estimate that cybercriminals made more than $1 billion via ransomware attacks, with targets ranging from Fortune 500 corporations to independently owned small businesses and even private individuals. But the WannaCry attack and this most recent one, alternately identified as Petya, NotPetya, ExPetr, and GoldenEye, took in only $100,000 combined.

Both spread by combining traditional ransomware assaults with an operating system vulnerability left open when software updates for Microsoft Windows were not installed. That allowed the attacks to grow quickly, exploiting lone unprotected machine to then infect devices across any connected network. WannaCry’s global spread was stymied by a rogue security expert who registered a domain name for $10 and halted the attack in its tracks. Last week, a German email provider shut down the address associated with ransom payments, stopping the so-called Petya assault within a day.

Here’s what we suggest to keep your business safe:

Ensure that all software patches and security updates are properly deployed.

WannaCry and Petya both took advantage of a publicly acknowledged vulnerability in older versions of Microsoft Windows. Any business with a trusted IT partner by its side would have had that patch deployed earlier this spring. After WannaCry, extra precautions were taken, as well. But in Petya’s case, even one vulnerable system could have taken down any protected ones that were connected on the same network, which makes comprehensive security so critical.

Never click any link or download any attachment in a suspicious email.

Although the two most recent global ransomware attacks were not spread via the standard phishing email method, all it takes is one errant click on one illicit link or malicious file to put an entire business’ computers at risk. Training your employees to quickly identify and avoid suspicious emails is a baseline for online security.

Always back up your data.

Creating regular, redundant, and remote backups of your critical business data is one of the most important security measures you can take for continued success. While free solutions exist on the open market that may indicate they’re backing up your entire computer, reliable data backup performed on a regular basis by a trusted IT provider is the safest way to prevent any ransomware attack, virus infection, or data breach from knocking your business out of commissions. Oh, and make sure your backup retrieval procedures are well vetted and regularly tested — if your data is lost, you want to be able to quickly restore it in the event of a cyberattack or natural disaster.
3 Ways Remote Monitoring Helps Businesses
Solid Vendor Management Leads To Solid Successes
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 22 September 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Cloud Business Computing Malware Best Practices Privacy Network Security Backup Hackers Productivity IT Services Software Managed IT Services Ransomware Microsoft Outsourced IT Business Email Internet Business Continuity Windows 10 Mobile Devices Computer IT Support Google Productivity User Tips Social Media Managed IT Efficiency Hardware Smartphone Disaster Recovery Data Backup Recovery Workplace Tips Unified Threat Management Remote Monitoring Hosted Solutions Data Recovery Communication Cloud Computing Training App IT Support Data Android Save Money Managed IT Services Work/Life Balance SaaS Managed Service Provider Innovation Apps Office 365 Data Management Word Paperless Office Robot Windows Content Filtering File Sharing Facebook Mobile Device How To Risk Management Big Data Firewall Password Telephone Systems Collaboration IT Service Cybersecurity Hosted Solution Internet of Things Smartphones Phishing Politics Education Windows 10 VoIP Mobility Health Tip of the week Computer Care Hacker Small Business BYOD Browser Automobile Virtual Reality Mobile Device Management IT Management Money Files Twitter Encryption Wireless Data Storage Taxes Virtualization Vendor Management Physical Security VoIP Websites Alert BDR Botnet Samsung Uninterrupted Power Supply Going Green Meetings Upgrade Computers Search Cleaning Private Cloud Help Desk Crowdsourcing Customer Relationship Management Mobile Device Managment Webcam Solid State Drive Emoji Telephony USB Microsoft Office YouTube Project Management Public Cloud Supercomputer Government Assessment Point of Sale Hard Disk Drive Computing Electronic Medical Records Automation Heating/Cooling Outlook Staffing Settings Communications IT Budget Notifications Sports Social Unsupported Software Consultation Licensing Web Server Servers Shortcut Digital Business Technology Digital Payment Wireless Technology Software Tips Cameras WiFi Black Market Server Management Patch Management Spyware Lenovo Office Tips Quick Tips G Suite CCTV Maintenance Cortana GPS Statistics Vulnerability Employer-Employee Relationship Superfish Server Law Enforcement Mobile Data Google Drive History Bluetooth IBM Tech Support Tracking Remote Computing VPN Administrator Tablet Legal Cabling Update Gadget Personal Information Avoiding Downtime Antivirus IT Consultant Corporate Profile Budget Document Management Processors Virtual Private Network How To Business Management Apple Cybercrime Infrastructure Chromebook Business Growth Time Management Hacking WannaCry Network IT Solutions Mail Merge Analytics Customer Service Travel Disaster Holiday Wi-Fi Network Management Trending Monitors Identity Theft Virus Upgrades Address Chrome Downtime Google Maps Motion Sickness Computer Repair Artificial Intelligence Touchscreen Office Information Technology Data loss Error Bandwidth Redundancy Firefox Sync Emergency Hacks CrashOverride Cost Management Thank You Congratulations

Newsletter Sign Up