Comment on Petya ransomware from Mimecast
Source: OAK Consulting for Mimecast , Author: Steven Malone
Posted: Wed June 28, 2017 1:13 pm

UAE. Steven Malone, director of security product management at Mimecast, commented: “The rapid pace of this new Petya ransomware attack points at another worm that can spread from computer to computer by itself.

Many commentators think WannaCry came from hackers in Russia, perhaps as an experiment that escaped early. Therefore it’s not too surprising that Ukraine’s critical national infrastructure has been crippled today while other firms in Europe may have been hit in the crossfire.

As with the early stages of the Wannacry outbreak, the bitcoin wallet associated with this ransomware is not seeing high volumes of payments.  Six people globally have currently paid the ransom, suggesting this won’t be a financially-successful attack.

A cyber resilience strategy that acknowledges that attacks are likely to continue and will sometimes be successful is required. Defence-in-depth security and continuity plans are needed to keep critical services running every time they are attacked.”

Ransomware protection advice from Steven:
“This new outbreak once again highlights the disruptive power of ransomware like never before. Simply by encrypting and blocking access to files, critical national services and valuable business data can be damaged.

Mimecast advises organizations never to succumb to the pressure to pay the ransom to regain access to their applications and data. There is no guarantee this will unlock files and further motivates and finances attackers to expand their ransomware campaigns.

Email has traditionally been the primary attack route for ransomware. Attackers often send Microsoft Office documents with malicious macros that download and install malware. This includes Word, Excel, PowerPoint and also PDFs. Clever social engineering will trick employees into enabling the macros and delivering the ransomware payload.

Data backups and business continuity
Preventive measures alone can’t keep up with the fast-evolving nature of ransomware attacks and as this attack highlights, there are many ways for an infection to enter an organization.

It’s vital you regularly backup critical data and ensure that ransomware cannot spread to backup files.  Ransomware can take time to encrypt large volumes of files, particularly across a network share. It is imperative to ensure your back-up window is long enough to go back before any infection begins.

Backup and recovery measures only work after an attack, and cost organizations in downtime and IT resources dealing with the attack and aftermath. You must be able to continue to operate during the infection period and recover quickly once the infection has been removed.”

Photo Caption: Steven Malone, director of security product management at Mimecast

 

MIDDLE EAST BUSINESS COMMENT & ANALYSIS

date:Posted: January 18, 2018
INTERNATIONAL. Gemalto and Ponemon Institute study reveals regional disparities in adoption of cloud security; Half of global organizations believe that payment information (54%) and customer data (49%) is at risk in the cloud; Over half (57%) think using the cloud increases compliance risk.
date:Posted: January 17, 2018
UAE. Here are the top five technology trends that digital leaders should invest in for 2018: Put your data to work; Re-invent how networks work; Automate your virtual assistant; Embrace all the clouds; Embed security in everything.
date:Posted: January 17, 2018
INTERNATIONAL. Zebra Technologies-IHL Group study examined the current and future retail marketplace in North America and EMEA region.
INTERNATIONAL. Gemalto and Ponemon Institute study reveals regional disparities in adoption of cloud security; Half of global organizations believe that payment information (54%) and customer data (49%) is at risk in the cloud; Over half (57%) think using the cloud increases compliance risk.
dhgate