As the latest wave of ransomware attacks known as Petya unfolds, we take a look at where it’s happening and what it actually meansRansomware is where hackers hold your data hostage for payment Click To Tweet
We all know that cyber crime and so-called Ransomware (where hackers basically hold your data hostage until you pay them to release it back to you) is bad news, but what is it and how does this latest wave differ from what we’ve seen before?
Chris Morales, head of security analytics at Vectra Networks, says there are clear parallels with previous attacks, and points to the fact that organisations need to be much more on top of their game where it comes to reinforcing up their cyber security provisions and patching up vulnerabilities that leave them open to such attacks.
This latest attack has so far affected major organisations in Ukraine, Russia, Denmark, France, the UK, the US, Spain and the Netherlands Click To Tweet
“Petya is a wormlike spreading is similar to WannaCry and Conficker and causes detections for reconnaissance and lateral movements in our AI software. We expected WannaCry to cause organisations to patch their Windows systems that have the SMB vulnerability so I am dumbfounded that this is even working. This is a prime example of needing to patch vulnerabilities when discovered. It’s affected computers in the exact same way that WannaCry did and this attack tells us who the true laggards are when it comes to patching systems.”
This is a prime example of needing to patch vulnerabilities Click To Tweet
Presented by Vectra.ai
The question then becomes: What can we do to protect ourselves against future attacks? The bad news is that there is no silver bullet, says Morales.
The NSA designed these tools to specifically bypass security solutions Click To Tweet
“Any security vendor saying they could completely protect an enterprise from this form of attack isn’t being honest, because the attacker just needs to succeed once and the attack surface is too large. By adding worm-like spreading to PetWrap, the attacker has created a pyramid scheme that encrypts the boot record of the computer, not just the files, which makes this attack far more fatal.
The industry will continue playing catch-up with the hackers Click To Tweet
By the time you find one infected machine, you can assume dozens more have been infected, turning this into a light-speed game of whack-a-mole from a security perspective. The NSA designed these tools to specifically bypass existing security solutions, so it’s no surprise that the industry will be playing catch up for the next several months.”
For companies looking to gain a competitive edge through technology, Tech Trends offers strategic Virtual Reality and Digital Transformation Consultancy services tailored to your brand.
Alice Bonasio is a VR and Digital Transformation Consultant and Tech Trends’ Editor in Chief. She also regularly writes for Fast Company, Ars Technica, Quartz, Wired and others. Connect with her on LinkedIn and follow @alicebonasio on Twitter.