Petya Cyber Attack: How To Protect Your Organization Against It!

Petya ransomware is a part of a new wave of cyber attacks that has hit enterprise networks across the world. Ukraine and Russia are the worst affected, though the attack has also impacted some companies in other Western European countries, US and India.

Researchers are calling Petya a wiper and not a ransomware. The aim of this wiper being mass destruction of data and not collection of money from victims and enterprises. This was first reported by Matt Suiche, founder of the cyber security firm Comae. You can read his detailed blogpost on Medium (blog.comae.io) explaining why Petya is a wiper, not a ransomware. Cyber security firm Kaspersky has also come to the same conclusion.

What is the difference between a Wiper and a Ransomware?

A wiper and a ransomware differ in their intent and motive. The goal of a wiper is to destroy and damage data, excluding any possibility of restoration whereas the goal of a ransomware is to make money and it can restore the modifications it makes on your system.

How to protect your organization against it?

Common delivery methods for such malwares are via phishing emails or scams and the payload requires local administrator access to execute. Most major antivirus companies like Symantec and Kaspersky claim that their software has been updated to actively detect and protect against “Petya” infections. Keeping your Windows up to date – at the very least by installing March’s critical patch MS17 – 010 – will defend your system and also protect against future attacks with different payloads.

Organizations need to be aware of how threats affect their organizations through gaps in their infrastructure, unsafe application updates, or infected web adverts. Here are some protective measures that you can take to protect your organisation from Petya and similar attacks:

  1. Install the latest Microsoft patches, including MS17-010 which patches the SMB vulnerability.
  2. Read more

Your Guide To Tackle The Ransomware Threat “WannaCry”

Your Guide To Tackle The Ransomware Threat “WannaCry”

On May 12th, 2017, the world was hit by a cyber-attack that caused chaos and panic among organizations and people alike. So far, more than 200,000 computers in 150 countries have been affected, with victims including hospitals, banks, telecommunications companies and warehouses.

WannaCry, Wanna Decryptor, WannaCrypt – whatever it’s referred to as, is by and large the same bitcoin-demanding beast. In this article, we explain everything we know about the ransomware that has been raking havoc globally and how you can safeguard yourself against this threat.

 

WHAT IS WannaCry RANSOMWARE?

WannaCry is an encryption-based ransomware that encrypts files on a system with AES and RSA ciphers. This means the hackers can directly decrypt the files on an infected system using a unique decryption key.

Once WannaCry ransomware infects a system it creates encrypted copies of specific file types before deleting the originals. The victims are then left with encrypted copies, which can’t be accessed without a decryption key. Additionally they increase the ransom amount, and threaten loss of data over time, creating a sense of urgency, greatly improving their chances of getting paid by the victims. Read more

Cloud as a Primary Storage – more than just Data Backup!

Cloud can be used for more than just dumping the data or keeping data backup. Because of its flexibility and scalability, it allows interactive access to first copy data. But, to do so, admins need to understand the requirements of their workloads and learn how they can modify their applications to take advantage of Cloud Storage.

When Cloud is used as a sole storage area, admins don’t need to invest in on-site data centers. The data is created, stored and archived in the Cloud which means lesser resource consumptions for power, cooling and floor space and improved efficiency.

 

Here are the top 3 Cloud use cases for Primary Storage:

 

Applications which may perform better when stored in Cloud than in Physical Data centers – These applications usually create their own data sets with the help of various sensors placed on the devices connected to the internet like security cameras, audio systems, etc. This kind of data is processed in the Cloud and thus it makes more sense to store the data in the Cloud itself as and when it is created instead of moving it later.

This use case works not only on the sensor data but also in situations where the application is executed on-premises but the database is stored in the Cloud like in Banks. This helps the users to retrieve the data without much delay.
Read more