Yesterday’s massive ransomware attack appears to have targeted systems in Ukraine. Kaspersky Lab reports that as many as 60 percent of the systems infected by the Petya ransomware were located there, far more than anywhere else. The attack reached some of the country’s most crucial infrastructure, including its central bank, airport, metro transport, and even the Chernobyl power plant, which was forced to move radiation-sensing systems to manual.

As expected, the purpose of the attack was to make money. Most ransomware flies under the radar, quietly collecting payouts from companies eager to get their data back and decrypting systems as payments come in. But Petya seems to have been incapable of decrypting infected machines, and its payout method was bizarrely complex, hinging on a single email address that was shut down almost as soon as the malware made headlines. As of this morning, the Bitcoin wallet associated with the attack had received just $10,000, a relatively meager payout by ransomware standards.

Regardless of the results of Petya, ransomware attacks are real, and I have personally seen payouts result in releases of encrypted files. The attacks have typically occurred due to uneducated employees opening phishing emails with attachments or links to websites that let the attack inside the company’s network infrastructure.

At Altitude Unlimited, we recommend the following strategy to avoid making ransomware payments:

  • Be cautious about phishing emails. Do not open unknown attachments or unknown links in an email without first confirming their legitimacy and authenticity. Train your user community to be wary of strange emails, even from people they know. This is difficult to manage, but an attacker can hijack an email account and send destructive emails to everyone in that user’s contact list.
  • Strengthen user passwords. Eliminate null passwords or weak passwords in your systems and always use high-strength passwords instead.
  • Improve backups and validate them regularly. A critical step is to make sure your backups are complete and include both the data and the configuration information for your servers and systems. This way, if an attack does occur, you can wipe the infected server and rebuild it. You may lose data created since your last backup, but at least you won’t be forced to pay thousands of dollars to recover your company property.

If you need assistance, Altitude Unlimited network security and systems engineers can assist you in analyzing your network security and penetration points, developing network and systems security plans, deploying our managed cloud backup solutions for retention and deploying Intrusion Prevention Systems.

Categories: Network Security, Risk Management, Server Backup, Cloud Computing