4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Welcome to the New Normal


 

Welcome to the new normal, as we usher in another massive, worldwide, fear-inspiring ransomware attack. I will spare you the technical details of this specific malware, but I do feel it is important to understand the common elements of this latest attack, and the ongoing preferred methodology being used in ransomware attacks.

In April of this year, we witnessed a harmless but embarrassing email phishing campaign that was focused on Dropbox users. The phishing campaign involved an email that looked like it came from someone you knew, with a download link that pointed to a Dropbox file for you to download. Since people send Dropbox links all the time, this is a very effective phishing technique. I had a funny feeling at the time that this was a dress rehearsal for a much larger phishing campaign using Dropbox download links.

Not even two months later, say hello to Petya. This ransomware virus differs from traditional ransomware in two key ways:

  1. The virus is distributed via the Dropbox network.
  2. The virus overwrites the boot files required to load Windows, completely locking the user out of the computer.

The victim usually first receives a business-related email from someone who is supposedly applying for a job. The victim is lured into opening a Dropbox storage location, which contains the CV and other details of the applicant. When the user tries to open the relevant files, a self-extracting executable file is run on their PC, which contains a Trojan horse virus. The virus then blinds any anti-virus programs installed and remotely downloads the Petya ransomware.
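The delivery chain above leaves one thing a mail filter can check before the user clicks: a file-share link whose target is an executable, often dressed up with a document extension. The following is an added example, not part of the original post or any vendor's product; the host list, extension list and sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default
from posixpath import splitext
from urllib.parse import unquote, urlparse

# Assumed lists for this example; extend them for your own mail flow.
FILE_SHARE_HOSTS = ("dropbox.com", "dropboxusercontent.com")
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DOCUMENT_EXT_RE = re.compile(r"\.(pdf|docx?|rtf|txt)$")
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def classify_link(url):
    """Return a reason if url is a file-share download of an executable, else None."""
    parts = urlparse(url)
    host = (parts.hostname or "").rstrip(".")
    # Match the registered domain or a true subdomain, not any string containing it.
    if not any(host == h or host.endswith("." + h) for h in FILE_SHARE_HOSTS):
        return None
    name = unquote(parts.path.rsplit("/", 1)[-1]).lower()
    stem, ext = splitext(name)
    if ext not in EXECUTABLE_EXTS:
        return None
    if DOCUMENT_EXT_RE.search(stem):
        return "executable disguised with a document extension"
    return "executable hosted on a file share"

def scan_message(raw):
    """Parse an RFC 5322 message and return (url, reason) for each flagged link."""
    msg = message_from_string(raw, policy=default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    hits = ((url, classify_link(url)) for url in URL_RE.findall(text))
    return [(url, reason) for url, reason in hits if reason]

# Constructed sample message (not a real campaign artifact).
SAMPLE = """\
From: applicant@example.org
To: hr@example.com
Subject: Job application

Dear Sir or Madam, my CV and portfolio are here:
https://www.dropbox.com/s/EXAMPLE/applicant_cv.pdf.exe?dl=1
Reference letter: https://www.dropbox.com/s/EXAMPLE/reference.pdf?dl=0
Mirror: http://dropbox.com.example.net/applicant_cv.exe
"""

if __name__ == "__main__":
    for url, reason in scan_message(SAMPLE):
        print(f"FLAG {reason}: {url}")
```

Only the first link in the sample is flagged: the reference letter is an ordinary PDF, and the third host merely contains the string "dropbox.com", so it falls outside this file-share check and would need a separate rule.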

The most important question now is how we effectively protect ourselves from these types of attacks going forward.

First, over the past couple of months, 4IT has been evaluating end-user phish testing and education services with two different vendors. Essentially, these services conduct continuous phishing email campaigns against your company and then provide you with campaign reports showing who opened the emails and who clicked on the links. Those users are then provided additional training and evaluated again during the next campaign. This provides a measurable reduction in the potential risk associated with phishing and is much more effective than a one-time training session. 4IT will be adding this service shortly to our managed service enhanced security suite.

Second, building multiple layers of detection and prevention significantly increases the chance that one of the layers will recognize the malware. Our preferred combination of anti-virus (Webroot), anti-malware (Malwarebytes), content filtering (OpenDNS), and the SonicWall Comprehensive Security Gateway creates four separate layers of possible detection. In fact, the good news for SonicWall customers who are using the full suite of security services is that SonicWall has had signatures for certain variants of Petya since March 2016. In April 2017, Capture Labs analyzed and released protection for the EternalBlue exploit that Shadow Brokers leaked from the NSA.

Realistically, this constant wave of attacks is probably the new normal for cybersecurity, and will only serve to reinforce the value of ongoing investments in technology and training to prevent, detect, and remediate cyberattacks.


 

 
