(MENAFN- Khaleej Times) Security experts are cautioning businesses to update their software and back up all the necessary files in the wake of another ransomware attack that has affected companies across the globe.
The latest ransomware attack called 'Petya' first appeared this morning and has been spreading around the world, mainly infecting businesses and government agencies and departments in Ukraine and Russia, but there have been increasing reports of businesses in other countries also being compromised, with reports filtering in from the US, UK, Germany, Switzerland, and Holland.
"The only reliable defence against the recent Petya ransomware attacks is backup," says Nigel Tozer, solutions marketing director at Commvault. "Clearly the malicious forces behind this and other recent attacks, continue to be one step ahead of threat detection software, so if your systems and data is held to ransom the only true means of recovery is to be able to revert back to data from the last backup before the infection."
"When files are encrypted and corrupted by a ransomware attack, cloud sync and share tools aren't something you can rely on either, because the sync facility means cloud files are as infected as their originals. The other issue is that these cloud services, especially free or those targeted at consumers, typically don't cover all of your data and may not always have retention policies that pre-date the attack."
The best option, he says, to insure against data-mincing malware, is an in-house centrally managed backup solution. "Whilst reverting to the backup prior to the infection might mean losing a limited amount of data, it is nominal compared to the impact of losing all your data permanently."
The malware itself appears to be a straightforward ransomware program. Once infected, the virus encrypts each computer to a private key, rendering it unusable until the system is decrypted. The program then instructs the user to pay the $300 ransom to a static Bitcoin address, then email the bitcoin wallet and personal ID to the email address, which is now blocked.
Steven Malone, director of security product management at Mimecast, noted that e-mail has traditionally been the primary attack route for ransomware. Attackers often send Microsoft Office documents and PDFs with malicious macros that download and install malware. Clever social engineering will trick employees into enabling the macros and delivering the ransomware payload.
"Preventive measures alone can't keep up with the fast-evolving nature of ransomware attacks and as this attack highlights, there are many ways for an infection to enter an organisation. It's vital you regularly backup critical data and ensure that ransomware cannot spread to backup files. Ransomware can take time to encrypt large volumes of files, particularly across a network share. It is imperative to ensure your back-up window is long enough to go back before any infection begins," he said.
Becky Pinkard, vice-president of service delivery and intelligence operations at Digital Shadows, is warning businesses impacted by the attack not to pay the $300 bitcoin fee as Posteo administrators have disconnected the email address associated with paying the ransomware to get unlock keys for impacted systems.
"It means that if anyone paying the ransom to unencrypt their files tries to do so, the criminals who distributed the attack are unable to access the bitcoin account the ransom goes to; so they will not be able to release the keys for the encrypted files - even if they ever intended to do so," she said.
Backup and recovery measures only work after an attack, and cost organisations in downtime and IT resources dealing with the attack and aftermath, he added. "You must be able to continue to operate during the infection period and recover quickly once the infection has been removed."
-
Rohma Sadaqat I am a reporter and sub-editor on the Business desk at Khaleej Times. I mainly cover and write articles on the UAE's retail, hospitality, travel, and tourism sectors.Originally from Lahore, I have been living in the UAE for more than 20 years. I graduated with a BA in Mass Communication, with a concentration in Journalism, and a double minor in History and International Studies from the American University of Sharjah.If you see me out and about on assignment in Dubai, feel free to stop me, say hello, and we can chat about the latest kitten videos on YouTube.
MENAFN2806201700490000ID1095586042
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.