crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Latest Ransomware Attack is Brutal Reminder of Cyber Security Importance

A new malware swept across the globe Tuesday, incorporating facets of many ransomwares that have made headlines recently. While it originally appeared to be a variant of the Petya ransomware, it has been determined that it shares more in common with WannaCry. However, “NotPetya,” as it has been named, has a few additional features that experts say make it worse than either of its predecessors.

Why NotPetya Isn’t Really a Ransomware
The first clue that researchers had that NotPetya had a different motivation was the fact that the ransom only demanded the Bitcoin equivalent of $300. Secondly, the only means of getting the decryption key was to send an email to an address hosted by German email provider Posteo. Despite the lack of preparation the payment method appeared to have, NotPetya itself was clearly designed to be able to infiltrate as many networks as possible and do maximum damage once inside.

A Hybrid Hacking Attack
Since the attack commenced, researchers have ascertained that despite its initial similarities with Petya, NotPetya shares many traits with other malicious programs. Like WannaCry, the attack that affected much of Europe, NotPetya leverages EternalBlue. EternalBlue is a National Security Agency hacking tool that targets unpatched systems and steals the passwords that allow administrator access. In addition to EternalBlue, NotPetya also utilizes EternalRomance, another code that was stolen from the NSA.

Once NotPetya has infected one computer, it extracts passwords from its memory or the local filesystem to allow itself to spread--including onto updated and patched Windows 10 systems.

How To Protect Your Files
First off, don’t expect that you can retrieve your files just by paying the ransom. Even if those responsible for NotPetya intended to keep their word and return them once paid, Posteo has shut down the provided email account victims were to receive their keys from. As a result, unless a victim was already following certain best practices, their files are as of yet unrecoverable.

However, this does not mean that everyone is vulnerable to this attack. Before the EternalBlue and EternalRomance exploits were distributed on the dark web, Microsoft had already released patches for the vulnerabilities. However, if these patches were not applied, a user’s systems were (and are) still vulnerable.

The best method to avoid infection from this kind of attack is to ensure your users understand the importance of cyber security efforts, and that all of your business’ systems are reinforced against the latest threats by keeping your defenses up-to-date.

Furthermore, even an infected user is not without hope if they have been backing up their files. If they have done so, all they have to do is disconnect their computer from the Internet, reformat their hard drive and restore their data from their backup solution. However, for this to work, you have to also be sure that your backups are up-to-date, and that your backup is stored in an isolated location, separate from your network.

Integrated Business Technologies has the experience and expertise to help prevent you from becoming a victim of a malware like this, whether we help you manage your backups or help educate your users to avoid attacks like these in the first place. Give us a call at (918) 770-8738 today.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 20 July 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Privacy Managed Service Provider Business Management Internet Cloud Microsoft Business Computing Best Practices Saving Money Productivity Workplace Tips IT Services Backup Hosted Solutions Hackers Mobile Devices Email Malware Software Business IT Support Small Business Hardware Network Data Server Smartphones Communication Upgrade Business Continuity VoIP Google Windows Computer Mobile Device Management Microsoft Office Disaster Recovery Virtualization Efficiency Miscellaneous Innovation Mobile Office Vendor Management Holiday Gadgets Social Media Outsourced IT BYOD Quick Tips Passwords User Tips Mobile Computing Android Smartphone Data Backup Internet of Things Browser Managed IT services Network Security WiFi Bring Your Own Device Tech Term Windows 10 Remote Monitoring The Internet of Things Ransomware Spam Best Practice Wireless Technology Data Management Trending Operating System Apple Remote Computing Data Recovery Users Alert Save Money Going Green Content Filtering Artificial Intelligence History Firewall Gmail Unified Threat Management Big Data Office Analytics IT Solutions Lithium-ion Battery Facebook IT Consultant Printer Encryption Tech Support Information Technology Current Events Managed IT App Customer Relationship Management Windows 8 Two-factor Authentication Router Humor Antivirus Saving Time Document Management Cloud Computing Avoiding Downtime Paperless Office Maintenance Applications Hard Drives Employer-Employee Relationship Computers Managed IT Services Phone System Marketing Collaboration Excel Compliance Automation Cybersecurity Office Tips Retail Phishing Bandwidth Apps Application IT service Digital Payment Mobile Device Virus Chrome Business Growth VPN Risk Management Fax Server Outlook Customer Service Productivity Website Health Hacking Password iPhone Administration Government Presentation Augmented Reality Project Management Inbound Marketing Budget Proactive IT Computer Repair Regulations Mouse Recovery Money Data Security Net Neutrality Running Cable Social Licensing Training File Sharing PowerPoint Wi-Fi Social Networking Unified Communications User Error Tablet Infrastructure Co-Managed IT Office 365 Vulnerability Intranet Competition Business Intelligence Blockchain HIPAA Network Congestion Recycling eWaste Downtime Data loss Redundancy BDR Scam Search Piracy Virtual Desktop USB Business Owner Internet Exlporer Files Sports Smart Technology Hacker Mobile Security User Point of Sale Programming Company Culture Analyitcs Twitter IoT Mobility Education Specifications Safety Tip of the week Settings Flexibility Hosted Solution IBM Cost Management Wireless Data storage Cybercrime Save Time Wearable Technology Robot Help Desk Hiring/Firing Display Alerts Printing End of Support LiFi Computing Statistics IT Support Text Messaging Operations SaaS Data Breach Deep Learning Print Server Wires Work Station Cookies G Suite Technology Tips Domains Google Wallet Adminstration Fun Writing LinkedIn Management Congratulations Video Surveillance Virtual Private Network 3D Chromebook Technology Laws Word Law Firm IT Windows 8.1 Update Nanotechnology Travel Comparison Public Speaking Drones Cortana Social Engineering Best Available Buisness Enterprise Resource Planning Permissions IT Technicians Unified Threat Management Identities Screen Reader Black Friday Backups Knowledge Environment CIO Mobile Assessment Fraud Mirgation Telephony Access Control Solid State Drive Bluetooth Online Currency Samsung Smart Tech Identity Theft Cyber Monday Scheduling Legal Experience Troubleshooting Debate Managing Stress IT Management Computer Accessories Business Technology Storage SharePoint Heating/Cooling Alt Codes Consumers Crowdfunding Connectivity YouTube Enterprise Content Management Network Management Networking Migration Machine Learning Downloads Typing Distributed Denial of Service IP Address Google Drive Windows 10 Hotspot How To Vulnerabilities Touchscreen Chatbots Private Cloud Multi-Factor Security Refrigeration Cryptocurrency Disaster Google Docs Star Wars Managed IT Service Language Geography Techology Identity Public Cloud Google Calendar Macro Bitcoin Digital Signature Memory Utility Computing Software Tips Break Fix Server Management Computing Infrastructure Laptop communications High-Speed Internet Sync Legislation Hacks Documents Conferencing Healthcare Dark Web Cooperation Gaming Console Halloween Disaster Resistance Entrepreneur Development Motherboard PC Care Mobile Device Managment Undo 5G PDF Value People Hard Drive Data Warehousing eBay Patch Management Staff Scary Stories Virtual Reality IT Consulting Cables Remote Support Modem Leadership Software as a Service Monitors Skype Streaming Media Cache New Additions Microsoft Excel

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code