Jul 6, 2017Industry insights,
No second chances with NotPetya
We are all becoming increasingly aware of the dangers associated with ransomware such as Crypto and WannaCry, mainly due to the high-profile businesses that have been affected and the media attention that has followed. This malware has been receiving more than its fair share of exposure, as Global recovery from such attacks is still happening now.
All eyes are on recently developed NotPetya though, as it makes previous ransomware seem tame. Ukrainian in origin, the NotPetya doesn’t just hold your data to ransom, with monetary demands before release, it actually demands the funds and then destroys the data, so it’s highly unlikely you will be able to recover your data at all. Recent reports are showing that this particular variant actually sends a randomly generated installation ID that is required to decrypt the affected machines.
It’s worth keeping in mind, that users and businesses that operate using current equipment, with up-to-date patches and run a robust antivirus software should remain protected. Although, as with the NHS hack of recent months, the vulnerability for many of these new strains of viruses lie with Microsoft’s SMB (Server Messaging Block) and for any business that has failed to maintain their patch management on more historic iterations of this networking protocol, it’s highly likely that the company will be significantly at risk.
If patch management should be high on every IT department managers agenda and ensuring that the crucial SMB patch management has been issued, is truly vital.