Yesterday (27th June, 2017), businesses and organisations across Europe and the US were hit by a large-scale ransomware attack, known as Petya, leaving them unable to access systems and data.
Petya is a form of ransomware, meaning it is a computer virus which encrypts files and keeps them encrypted until the hacker receives payment. Petya takes advantage of vulnerabilities in old Microsoft Windows systems, leaving anyone without the latest version in jeopardy.
So far, Petya has infected high-profile victims including advertising giant WPP, French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft. The attack was first reported in Ukraine, where the government, banks, state power utility and Kiev’s airport and metro system were all affected.
With this in mind Ebuyer.com, shares five ways businesses can protect themselves against online ransomware:
1. IT managers and directors should be taking regular steps to ensure their network is secure and all security software is up to date.
2. Gateway security (a machine through which data packets flow) should be employed and next-generation firewalls installed to allow for deep-packet inspection – a form of computer network packet filtering that examines data as it passes an inspection point. This will help identify hidden threats passing into your network.
3. Implement internal monitoring and endpoint protection; a method of protecting corporate networks when accessed via remote devices such as laptops or other wireless and mobile devices. This will prevent malicious files from gaining access to the network by human error.
4. It is essential that a reliable and thoroughly tested backup solution be put in place. This should be segregated from the rest of the network to prevent malware from spreading to it once infected.
5. Ensure systems are up to date and supported for exploit patches.
6. New data protection laws are coming into play in May 2018 which will replace the current Data Protection Act (DPA) with the General Data Protection Regulation (GDPR).
Businesses need to ensure that their systems are fully protected in order to minimise the risk of breaches. Protecting malware from gaining access is also essential for any company which relies on its network or software to run its service.
Paul Lyon, IT director at Ebuyer, says, ‘The cyber attacks on such large companies and the resulting fallout have once again brought into focus the importance of security both at home and in the office. Ransomware has been around for some time but this is by far the most high-profile attack.
‘Cybercrime is a growing industry and criminals are becoming significantly more sophisticated and their attacks more destructive. New threats are constantly being developed. Businesses of all sizes, as well as the ordinary home user, are vulnerable to attacks and should always be on their guard.’