4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Welcome to the New Normal


Welcome to the new normal, as we usher in another massive, worldwide, fear-inspiring ransomware attack. I will spare you the technical details of this specific malware, but I do feel it is important to understand the common elements of this latest attack and the preferred methodology being used in ransomware attacks.

In April of this year, we witnessed a harmless but embarrassing email phishing campaign that was focused on Dropbox users. The phishing campaign involved an email that looked like it came from someone you knew, with a download link that pointed to a Dropbox file for you to download. Since people send Dropbox links all the time, this is a very effective phishing technique. I had a funny feeling at the time that this was a dress rehearsal for a much larger phishing campaign using Dropbox download links.

Not even two months later, say hello to Petya.  This ransomware virus differs from traditional ransomware in two key ways:

  1. The virus is distributed via the Dropbox network.
  2. The virus will actually overwrite boot files required to load Windows, thus completely locking the user out of the computer.

The victim usually first receives a business-related email from someone who is supposedly applying for a job. The victim is lured into opening a Dropbox storage location, which contains the CV and other details of the applicant. When the user tries to open the relevant files, a self-extracting executable file containing a Trojan horse virus is run on their PC. The virus will then blind any anti-virus programs installed and remotely download the Petya ransomware.
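The chain above ends with a program presented as an applicant's CV. As an added example (not part of the original post or of any vendor's product), here is one check a mail or download gateway could apply: judge the file by what it is rather than by what it is called. The extension lists, verdict names and sample bytes are assumptions made for illustration.

```python
import os
import struct

# Assumed lists: what a CV would plausibly be, and what should never arrive as one.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".rtf", ".odt", ".txt"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif"}


def is_windows_executable(data: bytes) -> bool:
    """True if data has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (pe_offset,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew field
    # An out-of-range offset yields a short slice, which simply fails to match.
    return data[pe_offset:pe_offset + 4] == b"PE\0\0"


def triage_download(filename: str, data: bytes) -> str:
    """Return 'block', 'review' or 'allow' for a file fetched from a shared link."""
    ext = os.path.splitext(filename.lower())[1]
    if is_windows_executable(data):
        return "block"    # content is a program, whatever the name claims
    if ext in EXECUTABLE_EXTS:
        return "block"    # named as a program (covers double extensions)
    if ext not in DOCUMENT_EXTS:
        return "review"   # archives and unknown types need a closer look
    return "allow"


# Constructed sample inputs: a minimal header that parses as a Windows
# executable (no runnable code in it) and the first bytes of a PDF.
SAMPLE_PE = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0"
SAMPLE_PDF = b"%PDF-1.7\n% constructed sample\n"

if __name__ == "__main__":
    for name, blob in [
        ("applicant_cv.pdf", SAMPLE_PE),      # program hiding behind a document name
        ("applicant_cv.pdf", SAMPLE_PDF),     # genuine document
        ("applicant_cv.pdf.exe", b""),        # double extension
        ("application_files.zip", b"PK\x03\x04"),
    ]:
        print(f"{name:24} -> {triage_download(name, blob)}")
```

A self-extracting archive is itself a Windows executable, so it is caught by the header check even when it is renamed to look like a document.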

The most important question now is how we effectively protect ourselves from these types of attacks going forward.

First, over the past couple of months, 4IT has been evaluating end-user phish testing and education services with two different vendors. Essentially, these services conduct continuous phishing email campaigns against your company and then provide you with campaign reports showing who opened the emails and who clicked on the links. Those users are then provided additional training and evaluated again during the next campaign. This provides a measurable reduction in the potential risk associated with phishing and is much more effective than a one-time training session. 4IT will be adding this service shortly to our managed service enhanced security suite.

Second, building multiple layers of detection and prevention significantly increases the chance that one of the layers will recognize the malware. Our preferred combination of anti-virus (Webroot), anti-malware (Malwarebytes), content filtering (OpenDNS), and the SonicWall Comprehensive Security Gateway creates four separate layers of possible detection. In fact, the good news for SonicWall customers that are using the full suite of security services is that SonicWall has had signatures for certain variants of Petya since March 2016. In April 2017, Capture Labs analyzed and released protection for the EternalBlue exploit that the Shadow Brokers leaked from the NSA.

Realistically, this constant wave of attacks is probably the new normal for cybersecurity, and will only serve to reinforce the value of ongoing investments in technology and training to prevent, detect, and remediate cyberattacks.


