Reported as a new variant of Petya ransomware, more news broke recently of continued cyber-attacks against businesses and organisations worldwide. Here's how you can reduce the risk to your business.
A Global Concern
Viruses, malware and ransomware are not new threats but have recently featured widely in the media due to large scale cyber-attacks like WannaCry. This ransomware crippled the NHS in May 2017 and an estimated 400,000 devices in other high profile organisations across 150 countries.
On Tuesday 27th June, further news broke of mayhem for businesses in the Ukraine as ministries, banks, the metro and radiation monitoring for the Chernoblyl Nuclear Power plant all went offline. Known as Petya ransomware, this variant spread quickly and reports of disruption for companies in the UK, US, Russia, France, Spain and Australia soon followed.
Exploiting the same vulnerabilities in Windows systems as the WannaCry attack, Petya encrypts the user’s computer, forces shutdown and then displays a ransom message upon reboot asking for bitcoin payments to release a decryption key.
At Air-IT we are constantly looking for new and better ways to protect our clients from cyber-attacks before they happen.
Hackers are always launching new threats in their attempts to access and penetrate unprotected systems. There is no single solution to prevent these attacks which is why we advocate a layered approach to cyber security. Implementing as many layers of security as possible will significantly reduce the risk of becoming victim.
As part of our approach, we include our bespoke ransomware tool for all of our managed IT support and cyber security clients as standard. This unique programme allows us to detect, block and limit the spread of ransomware infections.
A particualrly nasty strain, Petya is automatially blocked by this tool as Air-IT technicians worked out of hours enhancing the programme to recognise this new threat. After passing rigorous internal penetration testing, the update was deployed to all of our clients within 24 hours of the outbreak.
Now, if Petya attempts to access any one of these networks, it will be immediately deleted and an automatic alert sent to our service desk team to investigate.
How to Defend Against Attack
There are numerous forms of attack so there’s no single solution to this subject. An IT Provider can help you make sense of it all, but if you haven’t already you will need to consider the following points.
Assessing your current set up is the first step toward assuring cyber security. Primarily you should identify the risks to implement appropriate measures and protection. We can assist you with this by conducting one of our Cyber Security Audits.
Not only can our experienced team point you in the right direction regarding security they can also advise on industry regulations and compliance such as the upcoming General Data Protection Regulation (GDPR).
Dedicated IT security solutions can help you protect your entire network, its infrastructure, applications, email systems, devices and users.
Our recommendations include:
- Anti-virus – you can defend yourself against known threats with anti-virus software. Cloud based solutions are always up-to-date. This will give you peace of mind and end-user protection.
- Anti-spam– block spam and protect your network from email borne threats with a business-grade anti-spam solution.
- Additional DNS layer and web-filtering– this allows you to boost protection for end users across all devices, to prevent malicious activity via the web.
- Firewall– protect your network and systems from unauthorised access with business-grade firewalls, for end point and server protection.
- Unified Threat Management (UTM)– combine a range of applications, to perform multiple security functions in a single managed UTM solution.
Combined, these solutions can help to defend against major threats such as Petya and WannaCry, and against thousands of new and emerging threats.
Software updates and patching should be performed regularly. Installing these serve as a first line of defence against attack. Both WannaCry and Petya exploited vulnerabilities on unpatched Windows systems to infect computers and networks worldwide.
Businesses should balance the cost of new hardware where legacy systems are still being used, such as Windows XP or Windows Server 2003. The absence of patch availability for these platforms leave large holes in their security that hackers can use.
At Air-IT, updates and patches are rolled out as part of our regular routine maintenance for secure configuration on all our managed IT and cyber-security clients. This means you can forget about updates and get on with your business, safe in the knowledge that we’re taking care of these for you.
We can also offer discounted rates on many leading hardware and software solutions, through our industry partnerships and accreditations.
It’s a common technique for cyber-attacks to breach systems by employing a Trojan horse email approach which requires human action to activate.
We know that employee education is key to reducing risk and companies are advised to devote the necessary time and resources to this layer of security.
If All Else Fails
Above all, we cannot stress enough the need for adequate backup and disaster recovery (BDR). On-premise, hybrid or Cloud, these solutions will help you recover quickly and efficiently in the event of any disaster. You can’t be held to ransom for data you hold elsewhere!
We backup in intervals up to 15 minutes apart to help our clients minimise risk and data loss. Virtualisation allows you to reboot your systems online, so you can still carry on should the worst happen. We also test run all of these processes frequently to make sure it all works – if, or when needed.
Recently recognised for our expertise in BDR in the European IT & Software excellence awards, our advisors are well placed to help you deploy the most robust system for your business.
Concerned About Cyber Security?
Prevention is not only better than cure it is much more cost effective in the long run, especially with the new GDPR penalties coming into force in May 2018.
If you’re worried about your cyber security, would like more information about our services and audits or perhaps need help recovering from a ransomware attack, then please contact us today or call 0115 880 0044.