4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Welcome to the New Normal



Welcome to the new normal, as we usher in another massive, worldwide, fear-inspiring ransomware attack. I will spare you the technical details of this specific malware, but I do feel it is important to understand the common elements of this latest attack and the ongoing preferred methodology being used in ransomware attacks.

In April of this year, we witnessed a harmless but embarrassing email phishing campaign that was focused on Dropbox users.  The phishing campaign involved an email that looked like it came from someone you knew with a download link that pointed to a Dropbox file for you to download.  Since people send Dropbox links all the time, this is a very effective phishing technique.   I had a funny feeling at the time that this was a dress rehearsal for a much larger phishing campaign using Dropbox download links.

Not even two months later, say hello to Petya.  This ransomware virus differs from traditional ransomware in two key ways:

  1. The virus is distributed via the Dropbox network.
  2. The virus will actually overwrite boot files required to load Windows, thus completely locking the user out of the computer.

The victim usually first receives a business-related email that appears to come from an applicant applying for a job. The victim is lured into opening a Dropbox storage location, which supposedly contains the CV and other details of the applicant. When the user tries to open the relevant files, a self-extracting executable file runs on their PC, and it contains a Trojan horse virus. The virus then blinds any anti-virus programs installed and downloads the Petya ransomware from a remote location.
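The delivery chain above leaves a trace at the web proxy: a Dropbox download whose file is really an executable. The following is an added example, not part of the original post, that flags such downloads; the log format, the sample lines, the host suffix list and the extension lists are all assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, unquote
import posixpath

# Assumption: hosts treated as Dropbox file-sharing endpoints.
DROPBOX_SUFFIXES = ("dropbox.com", "dropboxusercontent.com")
# Extensions Windows runs directly on double-click.
EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
EXEC_TYPES = {"application/x-msdownload", "application/x-dosexec"}
# Document extensions often used as a decoy in front of the real one.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".rtf"}

# Constructed sample proxy log: time client method url content-type
SAMPLE_LOG = """\
2017-06-28T09:14:02 ws-014 GET https://www.dropbox.com/s/abc123/Report.pdf?dl=1 application/pdf
2017-06-28T09:15:40 ws-022 GET https://dl.dropboxusercontent.com/s/xyz789/applicant_cv.pdf.exe?dl=1 application/octet-stream
2017-06-28T09:16:11 ws-022 GET https://dropbox.com.files.example/s/1/cv.exe application/x-msdownload
2017-06-28T09:17:55 ws-031 GET https://www.dropbox.com/s/qqq111/CV%2Escr?dl=1 application/x-msdownload
2017-06-28T09:18:20 ws-040 GET https://www.dropbox.com/s/ppp222/portfolio.bin application/x-dosexec
"""

def is_dropbox(host):
    # Match on a label boundary so "dropbox.com.files.example" is not a Dropbox host.
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in DROPBOX_SUFFIXES)

def classify(url, content_type):
    """Return the reasons a Dropbox download looks executable (empty if none)."""
    parts = urlsplit(url)
    if not is_dropbox(parts.hostname):
        return []
    # Decode %-escapes first, otherwise "CV%2Escr" hides its extension.
    name = posixpath.basename(unquote(parts.path)).lower()
    stem, ext = posixpath.splitext(name)
    reasons = []
    if ext in EXEC_EXTS:
        reasons.append(f"executable extension {ext}")
        if posixpath.splitext(stem)[1] in DECOY_EXTS:
            reasons.append("double extension")
    elif content_type.lower() in EXEC_TYPES:
        reasons.append(f"executable content type served as {ext or 'no extension'}")
    return reasons

def scan(log_text):
    """Return (time, client, reasons) per flagged line; malformed lines are skipped."""
    hits = []
    for fields in map(str.split, log_text.splitlines()):
        if len(fields) == 5 and (reasons := classify(fields[3], fields[4])):
            hits.append((fields[0], fields[1], reasons))
    return hits
```

Calling `scan(SAMPLE_LOG)` flags the downloads by ws-022, ws-031 and ws-040; the lookalike host on the third line is out of scope for this rule and needs its own.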

The most important question now is how we effectively protect ourselves from these types of attacks going forward.

First, over the past couple of months, 4IT has been evaluating end-user phish testing and education services with two different vendors. Essentially, these services conduct continuous phishing email campaigns against your company and then provide you with campaign reports showing who opened the emails and who clicked on the links. Those users are then provided additional training and evaluated again during the next campaign. This provides a measurable reduction in the potential risk associated with phishing and is much more effective than a one-time training session. 4IT will be adding this service shortly to our managed service enhanced security suite.

Second, building multiple layers of detection and prevention significantly increases the chance that one of the layers will recognize the malware. Our preferred combination of anti-virus (Webroot), anti-malware (Malwarebytes), content filtering (OpenDNS), and the SonicWall Comprehensive Security Gateway creates four separate layers of possible detection. In fact, the good news for SonicWall customers who are using the full suite of security services is that SonicWall has had signatures for certain variants of Petya since March 2016. In April 2017, Capture Labs analyzed and released protection for the EternalBlue exploit that Shadow Brokers leaked from the NSA.

Realistically, this constant wave of attacks is probably the new normal for cybersecurity, and will only serve to reinforce the value of ongoing investments in technology and training to prevent, detect, and remediate cyberattacks.


