I’m sure you have all heard about the Wannacry ransomware, which affected many organisations, including the NHS, in May of this year. Now just over a month later and a new strain of ransomware is inflicting similar damage. A variant of the Petya family of ransomware, the virus has infected thousands of systems across the world, including massive multi-national corporations like Maersk and Honda.
Where WannaCry focused on poorly patched systems, Petya seems not to care; Using Windows networking tools like Windows Management Instrumentation (WMI) it initially infects one computer before moving on to infect others on the same network. This piece of Windows software is on every computer, it usually runs with admin access, it makes outgoing connections that tend to be encrypted and it bypasses any firewall you have.
So how can you protect against this and similar attacks?
Firstly it is imperative that you have good working backups of all critical data. Yes, we know we keep banging this drum but, it really is important. Your systems may readily be rebuilt but, your data, if not backed up (properly), may prove otherwise. If you have concerns over your backups or backup strategy then please do not hesitate to contact your DSM account manager. DSM provide backup solutions (to include live testing) that ensures the highest possible chance of data recovery.
Secondly, updating your systems and antivirus is a key first line defence . Many of the developers are providing patches to protect against such attacks on a daily basis; these patches should be utilised as soon as they become available – even a few hours delay could mean your systems are vulnerable. Ask your account manager at DSM about arranging for these patches to be added and to ensure your antivirus systems are up to date.
Thirdly, educating your team to be vigilant can prevent an attack. DSM can advise and arrange site visits to educate staff on the risks and how to spot suspicious activity. Again, ask your account manager to arrange this.
A member of our technical team will be in touch shortly to advise on critical security patch’s where appropriate. In the interim, if you have any concerns over your systems, please do not hesitate to contact us for advice and assistance.