4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Latest Ransomware Attack is Brutal Reminder of Cyber Security Importance


A new strain of malware swept across the globe Tuesday, incorporating facets of many ransomware strains that have made headlines recently. While it originally appeared to be a variant of the Petya ransomware, it has been determined that it shares more in common with WannaCry. However, “NotPetya,” as it has been named, has a few additional features that experts say make it worse than either of its predecessors.

Why NotPetya Isn’t Really a Ransomware
The first clue researchers had that NotPetya had a different motivation was that the ransom demanded only the Bitcoin equivalent of $300. Secondly, the only means of getting the decryption key was to send an email to an address hosted by German email provider Posteo. Although the payment method appeared poorly prepared, NotPetya itself was clearly designed to infiltrate as many networks as possible and do maximum damage once inside.

A Hybrid Hacking Attack
Since the attack commenced, researchers have ascertained that despite its initial similarities with Petya, NotPetya shares many traits with other malicious programs. Like WannaCry, the attack that affected much of Europe, NotPetya leverages EternalBlue. EternalBlue is a National Security Agency hacking tool that targets unpatched systems and steals the passwords that allow administrator access. In addition to EternalBlue, NotPetya also utilizes EternalRomance, another piece of code that was stolen from the NSA.

Once NotPetya has infected one computer, it extracts passwords from its memory or the local filesystem to allow itself to spread, including onto updated and patched Windows 10 systems.

How To Protect Your Files
First off, don’t expect that you can retrieve your files just by paying the ransom. Even if those responsible for NotPetya intended to keep their word and return them once paid, Posteo has shut down the email account from which victims were to receive their keys. As a result, unless a victim was already following certain best practices, their files are as yet unrecoverable.

However, this does not mean that everyone is vulnerable to this attack. Before the EternalBlue and EternalRomance exploits were distributed on the dark web, Microsoft had already released patches for the vulnerabilities. If these patches were not applied, though, a user’s systems were (and are) still vulnerable.

The best method to avoid infection from this kind of attack is to ensure your users understand the importance of cyber security efforts, and that all of your business’ systems are reinforced against the latest threats by keeping your defenses up to date.

Furthermore, even an infected user is not without hope if they have been backing up their files. If they have done so, all they have to do is disconnect their computer from the Internet, reformat their hard drive and restore their data from their backup solution. However, for this to work, you also have to be sure that your backups are up to date, and that your backup is stored in an isolated location, separate from your network.

4IT has the experience and expertise to help prevent you from becoming a victim of malware like this, whether we help you manage your backups or help educate your users to avoid attacks like these in the first place. Give us a call at 305-278-7100 today.



Wednesday, 26 July 2017