As another ransomware virus goes global, we continue to recommend measures to stay ahead of these attacks…
As was the case with the recent WannaCry outbreak, this threat is a combination of a traditional ransomware attack and a worm that uses a vulnerability in Microsoft’s operating system to spread to other machines.
However NotPetya (a 'hack' of the original Petya malware) is far more destructive and can render machines unbootable and according to reports it is not actually possible to pay the ransom to recover the machine.
Patching and Maintenance
In relation to the Microsoft vulnerability, organisations that have an automated patching system will be protected against the worm element of NotPetya. However, the ransomware aspect of this threat is similar to other ransomware and can cause considerable disruption.
Proactive defence mechanisms
One of the key goals of our Technology Optimisation team is to improve and enhance customers security. Part of their process is to evaluate their defences and provide feedback on potential improvements to ensure customers are in the best possible shape to weather attacks like these. The best defence against these threats is a multi-layered approach, using anti-spam in the cloud, anti-malware on the desktop and servers, and filtering and sandboxing at the gateway between your organisation and the Internet.
Upgrade to Windows 10 for better security
WannaCry, NotPetya and other similar attacks are particularly successful against older operating systems, especially Windows XP and Server 2003. One of the simplest ways to improve your organisations security is to ensure you are upgraded to the latest Microsoft operating systems. Please review our blog on how upgrading to Windows 10 can provide better security.
Educate your staff
Ensuring staff are aware of the abundance of scams and phishing emails that fly around daily is essential. Staff should be cautious when browsing unknown websites, opening attachments from unknown sources and avoid using free scan tools. Phishing emails come in all forms including what looks like reputable institutions and in some cases emails that look like they are from senior managers internally. We recommend having staff view our examples of "real life" phishing scams and watch our Ransonware webinar series on how to help prepare your organisation against threats and stay protected.
Or join our free 15-minute Webinar on Ransomware Emerging Threats and we can help you understand more about these new threats - Register Here!
How can Diamond help?
Contact us today to discuss your security concerns or for more information on how we can work together with you on your Windows 10 migration and other IT and Communications needs through our industry recognised and award winning services – call now on 1300 307 907 or via our online contact form below.
Diamond Technology Optimisation - Security
At Diamond, we take Security seriously. So seriously that we created the Technology Optimisation (TechOps) team. This team is designed to focus solely on aligning our customers ICT environment to industry best practice on an ongoing, proactive basis. We will not only evaluate your hardware and software, but the overall configuration of your environment as well.
Take our quick Online Security Assessment to see how vulnerable your business may be…