4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Welcome to the New Normal


 

Welcome to the new normal, as we usher in another massive, worldwide, fear-inspiring ransomware attack. I will spare you the technical details of this specific malware, but I do feel it is important to understand the common elements of this latest attack, and the ongoing preferred methodology being used in ransomware attacks.

In April of this year, we witnessed a harmless but embarrassing email phishing campaign that was focused on Dropbox users.  The phishing campaign involved an email that looked like it came from someone you knew with a download link that pointed to a Dropbox file for you to download.  Since people send Dropbox links all the time, this is a very effective phishing technique.   I had a funny feeling at the time that this was a dress rehearsal for a much larger phishing campaign using Dropbox download links.

Not even two months later, say hello to Petya.  This ransomware virus differs from traditional ransomware in two key ways:

  1. The virus is distributed via the Dropbox network.
  2. The virus will actually overwrite boot files required to load Windows, thus completely locking the user out of the computer.

The victim usually first receives a business-related email from an applicant who is supposedly applying for a job. The victims are lured into opening a Dropbox storage location, which contains the CV and other details of the applicant. When the user tries to open the relevant files, a self-extracting executable file will be run on their PC, which contains a Trojan horse virus. The virus will then blind any anti-virus programs installed and remotely download the Petya ransomware.
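A defender-side check for the delivery step described above, as an added example that is not part of the original post: it inspects a file fetched from a file-sharing link and flags a Windows executable presented as a document. The file names, extension lists and sample bytes are constructed for illustration.

```python
import struct
from pathlib import PurePosixPath

# Assumed policy lists (not from the post): extensions a "CV" download may
# legitimately carry, and extensions that run code on Windows when opened.
DOC_EXTS = {".pdf", ".doc", ".docx", ".rtf", ".txt"}
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}


def is_pe(data: bytes) -> bool:
    """True if data has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def triage(filename: str, data: bytes) -> list:
    """Return the reasons a downloaded 'document' should be quarantined."""
    suffixes = [s.lower() for s in PurePosixPath(filename).suffixes]
    last = suffixes[-1] if suffixes else ""
    reasons = []
    if last in EXEC_EXTS:
        reasons.append("executable-extension")
        # e.g. name.pdf.exe: Explorer hides the final extension by default
        if any(s in DOC_EXTS for s in suffixes[:-1]):
            reasons.append("double-extension")
    if is_pe(data):
        # Content is judged by its header, not by what the name claims.
        reasons.append("pe-content" if last in EXEC_EXTS else "pe-content-mismatch")
    return reasons


def _constructed_pe_stub() -> bytes:
    """Minimal constructed header: just enough bytes to look like a PE file."""
    hdr = bytearray(0x80)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)  # e_lfanew -> offset 0x40
    hdr[0x40:0x44] = b"PE\0\0"
    return bytes(hdr)


SAMPLE_PE = _constructed_pe_stub()
SAMPLE_PDF = b"%PDF-1.4\n" + b"\0" * 64  # constructed, not a valid PDF body

if __name__ == "__main__":
    for name, blob in [("applicant_cv.pdf.exe", SAMPLE_PE),
                       ("applicant_cv.pdf", SAMPLE_PDF),
                       ("portfolio.pdf", SAMPLE_PE)]:
        print(name, triage(name, blob) or "no findings")
```

A check like this belongs at the mail or web gateway, or in a download-folder watcher, so the file is held before the user double-clicks it.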

The most important question now is how we effectively protect ourselves from these types of attacks going forward.

First, over the past couple of months, 4IT has been evaluating end-user phish testing and education services with two different vendors. Essentially, these services conduct continuous phishing email campaigns against your company and then provide you with campaign reports showing who opened the emails and who clicked on the links. Those users are then provided additional training and evaluated again during the next campaign. This provides a measurable reduction in the potential risk associated with phishing and is much more effective than a one-time training session. 4IT will be adding this service shortly to our managed service enhanced security suite.

Second, building multiple layers of detection and prevention significantly increases the chance that one of the layers will recognize the malware. Our preferred combination of anti-virus (Webroot), anti-malware (Malwarebytes), content filtering (OpenDNS), and the SonicWall Comprehensive Security Gateway creates four separate layers of possible detection. In fact, the good news for SonicWall customers that are using the full suite of security services is that SonicWall has had signatures for certain variants of Petya since March 2016. In April 2017, Capture Labs analyzed and released protection for the EternalBlue exploit that Shadow Brokers leaked from the NSA.

Realistically, this constant wave of attacks is probably the new normal for cybersecurity, and will only serve to reinforce the value of ongoing investments in technology and training to prevent, detect, and remediate cyberattacks.


 

 
