Pulse Technology Solutions Blog

Pulse Technology Solutions has been serving the Fort Myers area since 2006, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Another Week, Another Ransomware Attack — Here’s How to Avoid it and Keep Your Data Safe

Last week, less than a month after the WannaCry ransomware attack infected more than 250,000 computers in 150 countries, security experts announced new revelations about a new attack, which originated in the Ukraine and spread to Russia, Poland, Italy, Germany, France, Spain, and the United States, along with nearly 60 other countries.

This attack began with a specific target: 12,500 machines running older versions of Microsoft Windows and software owned by M.E.Doc, a tax-accounting company based in Ukraine. Several private companies, including the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, and TNT Express, a global subsidiary of FedEx, were subsequently struck with a message featuring red text on a black screen: “Oops, your important files have been encrypted. If you see this text then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking to recover your files but don’t waste your time.”

What made this attack significantly different than past ones, however, was that “waste of time” part — within hours, the hackers’ email address used to collect Bitcoin payment required as ransom was shut down, eliminating their ability to communicate with victims and restore access to encrypted data. As many baffled security experts speculated, if the hackers launched their attack to make money, they failed spectacularly.

Instead, some theories now hold that the attack was disguised as ransomware but meant to permanently wipe as much data on as many hard drives as possible. Researchers at Kaspersky Lab speculated that it was a “wiper” attack that used the media frenzy surrounding ransomware as a ploy to drum up attention. Still, that attention is needed to stem the tide of ransomware, one of the most tried and true vehicles for cyberattack.

Ransomware relies on locking a victim out of his or her own files until they pay a certain amount for a decryption key. Last year, security researchers estimate that cybercriminals made more than $1 billion via ransomware attacks, with targets ranging from Fortune 500 corporations to independently owned small businesses and even private individuals. But the WannaCry attack and this most recent one, alternately identified as Petya, NotPetya, ExPetr, and GoldenEye, took in only $100,000 combined.

Both spread by combining traditional ransomware assaults with an operating system vulnerability left open when software updates for Microsoft Windows were not installed. That allowed the attacks to grow quickly, exploiting lone unprotected machine to then infect devices across any connected network. WannaCry’s global spread was stymied by a rogue security expert who registered a domain name for $10 and halted the attack in its tracks. Last week, a German email provider shut down the address associated with ransom payments, stopping the so-called Petya assault within a day.

Here’s what we suggest to keep your business safe:

Ensure that all software patches and security updates are properly deployed.

WannaCry and Petya both took advantage of a publicly acknowledged vulnerability in older versions of Microsoft Windows. Any business with a trusted IT partner by its side would have had that patch deployed earlier this spring. After WannaCry, extra precautions were taken, as well. But in Petya’s case, even one vulnerable system could have taken down any protected ones that were connected on the same network, which makes comprehensive security so critical.

Never click any link or download any attachment in a suspicious email.

Although the two most recent global ransomware attacks were not spread via the standard phishing email method, all it takes is one errant click on one illicit link or malicious file to put an entire business’ computers at risk. Training your employees to quickly identify and avoid suspicious emails is a baseline for online security.

Always back up your data.

Creating regular, redundant, and remote backups of your critical business data is one of the most important security measures you can take for continued success. While free solutions exist on the open market that may indicate they’re backing up your entire computer, reliable data backup performed on a regular basis by a trusted IT provider is the safest way to prevent any ransomware attack, virus infection, or data breach from knocking your business out of commissions. Oh, and make sure your backup retrieval procedures are well vetted and regularly tested — if your data is lost, you want to be able to quickly restore it in the event of a cyberattack or natural disaster.
3 Ways Remote Monitoring Helps Businesses
Solid Vendor Management Leads To Solid Successes
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 23 November 2017

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Cloud Business Computing Best Practices Malware Privacy Network Security Hackers Productivity Backup IT Services Managed IT Services Software Microsoft Ransomware User Tips Outsourced IT Business Computer IT Support Internet Business Continuity Email Mobile Devices Windows 10 Managed IT Efficiency Remote Monitoring Google Android Smartphone Social Media Productivity Workplace Tips Disaster Recovery Data Management Hosted Solutions Unified Threat Management Data Recovery Office 365 Hardware IT Support Data Backup Recovery Training SaaS Managed Service Provider Save Money Apps Innovation Work/Life Balance Cybersecurity Communication Cloud Computing Tip of the week App Data Managed IT Services Content Filtering File Sharing Password Big Data Firewall Internet of Things Phishing Word Paperless Office Robot Collaboration Telephone Systems Small Business Windows IT Service Hosted Solution Smartphones Browser Facebook Mobile Device How To Risk Management Wireless BYOD Automobile Vendor Management Physical Security Antivirus Mobile Device Management Virtual Private Network Files Twitter Encryption Data Storage Taxes Uninterrupted Power Supply Artificial Intelligence Going Green Virtualization Education Windows 10 VoIP VoIP Mobility Websites Alert Health BDR Botnet Samsung Politics Virtual Reality IT Management Money Computer Care Hacker Maintenance Vulnerability Employer-Employee Relationship Automation Business Technology Server Point of Sale Staffing Communications Google Drive Notifications History Mobile Data IBM Tracking Bluetooth VPN Legal Lenovo Tablet Web Server Update Avoiding Downtime Personal Information Unified Threat Management Cabling Corporate Profile Document Management How To Black Market Superfish Apple Cameras Office Tips Chromebook Time Management User Error Infrastructure WannaCry G Suite Hacking Network Mail Merge Analytics IT Solutions Scam Customer Service CCTV Network Management Wi-Fi Printer Disaster Monitors Identity Theft Trending Law Enforcement Address Tech Support Chrome Remote Computing Upgrades Networking Google Maps Administrator Touchscreen Computer Repair Access Control Data loss Office Gadget Redundancy Budget Firefox Processors Bandwidth Data Security IT Consultant Business Management Upgrade SharePoint Business Growth Cybercrime Search Help Desk Customer Relationship Management Techology Emoji Solid State Drive Holiday YouTube Supercomputer Travel Microsoft Office Assessment Downtime Computing Heating/Cooling Virus Electronic Medical Records Hard Disk Drive Outlook Settings IT Budget Motion Sickness Information Technology Error Sports Consultation Social Licensing Unsupported Software Sync Servers Shortcut Wireless Technology Digital Computers Project Management Digital Payment Meetings Cleaning Private Cloud Software Tips WiFi Mobile Device Managment Server Management Crowdsourcing Patch Management Telephony Spyware USB Webcam Public Cloud Quick Tips GPS Cortana Statistics Government Technology Laws CrashOverride Cost Management Hacks Thank You Congratulations Downloads Disaster Resistance Two-factor Authentication Proactive IT Multi-Factor Security IT Consulting Emergency Data Breach

Newsletter Sign Up