NotPetya Ransomware – Urgent Advisory! (28th June 2017)

28
Jun
Chris Thornton

Written by Chris Thornton, 28 June 2017

A new strain of ransomware is wreaking havoc across the globe.  Large multi-nationals, governments, banks, utilities and transport systems from Europe to the US have all been reported to have been affected by the latest ransomware strain so far, and we are sure more will follow. 

What is NotPetya?

The NotPetya cyber attack works differently from the recent WannaCry infection by blocking access to the entire computer before demanding a ransom payment to regain access.  It also spreads from machine to machine causing even more devastation.

There are different theories behind how the ransomware spreads but is believed to come from a malicious link received via email or an infected email attachment.

The impact of the infection will be, at best, painful for any business but for those without the necessary protection in place it could be devastating.  Excess downtime and data loss are the immediate and most obvious effects but longer term the reputation of your business could also suffer.  Don’t wait until it’s too late, act now to make sure your business is protected.

What Should I Do?

The first thing to do is advise all your staff to be aware of any suspicious emails.  They should already know to double check any attachment or link received via email but reinforcing this message can’t do any harm.

What Next?

Carrying out a basic cyber security audit on your IT systems is never a bad idea and is something you can achieve internally within your business should you not have any external help.

  • Backups – At the bare minimum, is all your data backed up regularly?  At best, can you recover your entire servers from backup?
  • Business Firewall – Is your firewall configured to protect your network against unauthorised access?
  • Business Antivirus – Are all the machines in your network protected by a business class, reputable anti-virus solution?
  • Email Filtering – Are external email scanned for malicious content and potentially malicious links before they reach your staff?
  • Web Filtering – Is internet access for all staff filtered to block access to malicious content?
  • Regular Patching – Are all computers & servers patched regularly to address known vulnerabilities?

These recommendations do not guarantee that you will not be infected, and do not cover every area but do reduce the risks to your business considerably.

If you are concerned that your business does not have the necessary protection, or needs to improve on your current levels of protection, speak to your trusted IT provider to get the right advice.  Investing a little now is very likely to save you a lot of time and money in the future.

How to Protect Your Business Against Ransomware

With a number of major organisations still affected by the Petya malware weeks after the infection began on the 27th of June, can your business cope with ongoing fallout from a similar infection?

Why should you outsource your IT?

The majority of people in my business circle know that I enjoy little more of a working day than sitting down with a business associate and having a chat over some coffee. It was during one of these chats that the conversation rolled around to “Who actually looks after your IT?”.