Blue Cube’s Response to Petya Ransomware Global Attack

29/06/2017

As I’m sure you have all seen in the latest news reports, a new Petya-like global attack is spreading fast. The attack uses the NSA’s EternalBlue exploit involved in last month’s WannaCry outbreak. The details of how the malware behaves are still emerging, but what’s been found so far is that the ransomware primarily spreads by exploiting the inherent trust in corporate networked environments, allowing the malware to log into other machines using stolen credentials. We are working with all our partners to keep up to date with the emerging threat levels of this attack so that we can keep our customers informed. If you are unsure of your threat levels or you would like some advice on keeping your systems protected from these evolving global threats, please get in touch.

We would like to refresh our customers on the different ways to identify and mitigate the risks that ransomware may pose to your organisation. While you have no doubt taken some steps to protect yourselves, Blue Cube has produced the following 10-point plan highlighting the approaches that an organisation may take to deal with ransomware attacks: to protect against them happening, manage impact while they are happening, and recover after the event.

If you do require assistance, or if you would like to discuss how we can help to improve your effectiveness in any of the following areas, please call 0345 094 3070:

#1 Provide user awareness training – with particular guidance that users should not click on links/open suspicious attachments.

#2 Maintain a comprehensive patch management programme to ensure you are protected against the latest threats – including ensuring AV is up to date.

#3 Limit user privileges and network drive connectivity to the minimum essential for job requirements – and monitor access/activity.

#4 Conduct frequent backups and store them offline in a secure location.

#5 Use network segmentation that requires authentication.

#6 Detect and protect against phishing attacks (in tandem with point 1 – education).

#7 Protect against malware/ransomware at the gateway – ideally utilising sandbox technologies.

#8 Protect at the endpoint using advanced malware/anti-ransomware technologies.

#9 Deploy advanced threat intelligence tools to provide early warning.

#10 Develop a security incident response plan.

There is no silver bullet to the latest threats organisations are facing; however, by following best practice and employing a comprehensive security strategy, we can assist our customers in mitigating risk and protecting their valuable assets.
