Today, news broke of a new threat called "Petya", the latest in a disturbing trend of ransomware attacks worldwide. Ransomware is becoming one of the top types of malware, and the sophistication of these attacks is ever increasing. These latest global attacks, including the recent “WannaCry” attack, are examples of the sophistication of these threats. This ransomware was combined with worm-like behaviour that aided the spread of the malware based upon OS vulnerabilities.
Many experts predict that the sophistication and extent of these types of attacks are only going to increase – which challenges all IT organizations.
I discussed in May how enterprises can leverage backups as insurance against ransomware.
However, backups are only a way to recover from a successful exploit. The time and cost, along with the risk of having devices infected in the first place, should be avoided if possible.
Looking at the “WannaCry” malware, experts understood that the quick spread of the malware was aided by a known Windows vulnerability for which Microsoft published a patch on March 14, 2017. So why were so many machines in so many countries affected? This points to the ever-present challenge of patch management: ensuring that all corporate devices that access or hold sensitive data are regularly patched. There are tools that can help manage these onerous tasks and report on status at any time.
Enterprises cannot rely only on end-user education to protect devices.
Many customers also ask, "What else can I do?"
Here are some considerations:
1) Sandboxing – helps against zero-day (as yet unknown) threats.
2) Anti-Malware – software solutions that leverage various technologies, including machine learning, to assist in protecting devices.
3) Mobile Device Management (MDM) – solutions to ensure devices are properly protected.
4) Properly manage data access and share rights.
5) Database Security software/appliances.
Finally, talk to a security partner who can help with a risk assessment and put together best-of-breed solutions to help reduce the risk.
Network Practice Lead, Sentia