“Petya”, a major new global ransomware attack is moving swiftly across the globe, and the number of companies and agencies reportedly affected by this ransomware campaign is increasing at an alarming rate. The malware sample responsible for the infection is an almost identical clone of the GoldenEye ransomware, similar to the “WannaCry” variant from May. The “Petya” ransomware spreads via spam emails and web links that appear to contain “invoices, job offers, security warnings and other legitimate files”. The messages left on the infected screen say files will remain encrypted until a Bitcoin ransom is paid.
Onepath is actively assessing the risk to our managed service clients, including auditing Windows and antivirus/antimalware patch levels on servers, workstations, and relevant security systems. Please inform your staff to be extraordinarily suspicious of all e-mails received. If it looks suspicious, assume it is suspicious and do not open any email attachments or click on Web links. Contact the sender to confirm the authenticity of the attachments or links.
There is no single silver bullet for information security – it requires execution of a layered defense game plan of Information Security AND IT Support best practices. Viruses continue to become more sophisticated by “disguising” themselves from previous versions, and antivirus technology evolves in response. But even with great technology, viruses can still infiltrate a company, many times due to unintentional actions by employees. You need a layered approach to identify and contain those threats that do get through.
The best method is an assessment of your current information security practices to determine a pro-active gameplan and approach. If you have any specific questions around your improving security posture, please click here to contact us or call at 678-271-8335.