By now, you’ve probably heard about the security breaches in Europe. Just when the news about WannaCry seemed to die, Petya reared its ugly head. SecurityIntelligence.com reported the news and also provides some background information on how this happened and what you can do if you have been targeted.
From the report, IBM Security recommends:
- Ensure systems are patched (MS17-010) and all antivirus programs are up to date.
- Determine if backup systems are effectively configured.
- Restore only from secure backups with known safe snapshots or reimage systems completely.
- Isolate any unpatched systems to prevent lateral movement of Petya.
- Verify effective monitoring of all critical systems and networks.
- Create or maintain regular reviews of privileged credential protection to prevent further access via legitimate tools across a network.
- Review incident response and contingency plans.
As of this morning, it seemed that Petya was mostly contained to the Ukraine and Russia, but news reports from this afternoon are now saying that a subsidiary of FedEx based in the Netherlands has been hit with the virus. Only time will tell how many more targets will be hit. If we can learn anything from these back-to-back attacks, the importance of a secure immune system and a disaster recovery plan should be a high priority for all.
With the decreasing workforce in cybersecurity, it might seem like an impossible task to prevent attacks or recover from one. However, with the proper mindset, you can create an optimal situation, should an attack happen by following the tips recommended by IBM Security.
Stay vigilant in securing your data:
- Reduce risks to your organization posted by IT operations
- OWASP top 10 vulnerabilities
- Are you safe from ransomware?
- Download and read the entire Ransomware Response Guide
- Watch The Art of Threat Hunting
- Lack the security manpower? See how cognitive security can help your organization