Petya Global Ransomware Attack

in Security, Threats |

As you may have seen in the news yesterday, we are currently experiencing another global ransomware attack. The last attack was the WannaCry in May. This latest ransomware has been called ‘Petya’€. We wanted to send out a brief email to bring our customers up to date, and advise what steps can be taken to defend yourself and your company against these more frequent attacks.

What is ransomware? Ransonware is a piece of malicious software which blocks access to files on your computer until a payment is made to the sender of the software.

The last two global attacks (WannaCry and now Petya) are using the €œEternalBlue€ exploit within Windows operating systems. Microsoft addressed this exploit in March with updates and patches to its server and desktop operating systems. However, many companies and individuals do not regularly patch their devices, allowing these types of attacks to succeed.

What SystemArchitecture recommends:

  • Make sure that your servers and workstations are up to date with the latest patches from Microsoft
  • Make sure you have up to date backups of critical data, and that the backups are offsite
  • Avoid opening attachments in emails from people you do not know

Consider purchasing ransomware mitigation software- we recommend Sophos’€™s Intercept X. While no product will protect you 100% of the time, we have found this product to have a high level of success at blocking and preventing the unwanted encryption of our client’€™s data.

For your home and family computers, we recommend downloading the free Sophos Home Premium Beta, which includes a ransomware blocker as part of its package. You can install this on up to 10 home computers.

Of course, we offer solutions that will help prevent ransomware from affecting your company such as:

• Server monitoring and maintenance- our team of dedicated network engineers remotely monitor, maintain and patch your servers each month for you.

• We will procure and sell solutions like Sophos’€™s Intercept X, and provide a monthly service- Endpoint Monitoring and Maintenance- where we make monitor and maintain your endpoint protection solution.

• Disaster recovery- we will architect the right disaster recovery solution for your company taking into account budget and tolerable downtime while making sure you have an offsite backup location if desired.

Unlimited remote help desk- our network engineers are available to assist your end users with any questions and resolve potential virus attacks at the end user level before they impact your entire network.