
Protecting firms from ransomware attacks

Last Updated 09 August 2017, 18:42 IST
The world has significantly transformed over the past couple of decades since the advent of information technology and the internet, both of which have now become a significant part of our lives. All of us are now connected to each other via a series of invisible networks that transcend geographical borders, making us aware of the latest global developments every day as and when they occur.

However, the advancement of the internet has also led to the rise of cyber security threats like ransomware across the world that target both individuals and establishments with dire consequences. Ransomware is a type of malicious software that can block access to any computer system until a ransom amount is paid to the hacker by the affected party.

Cybercriminals usually use such software to target systems that contain valuable information, which can be misused for nefarious purposes unless the affected person or organisation pays.

In May 2017, the world woke up to a massive ransomware cryptoworm attack — WannaCry — which targeted computers that ran on the Microsoft Windows operating system by encrypting the data on those systems, and demanded the ransom be paid in bitcoins, a form of cryptocurrency. It is estimated that over two lakh computer systems were affected by the WannaCry ransomware across 150 countries, with economic damages amounting to more than $4 billion, according to Cyence.

Following this, as the world began to recover from the after-effects of WannaCry, it witnessed another ransomware attack in June 2017 in the form of an advanced variant of the Petya ransomware, which threatens to ransack the security of organisations across the globe.

The attack targeted government systems, domestic banks and power companies in Ukraine, as well as other large companies in the world. Just like the WannaCry attack, those affected by the Petya ransomware found their files encrypted, followed by a demand of $300 in bitcoin as ransom to release those files.

While both ransomware strains have a similar delivery method and are spread via online scams and phishing e-mails, it has been suggested that the Petya ransomware likely originates from an already infected application update from a breached software vendor. It uses that update as its primary vector, both because the ransomware payload needs local administrator access and in order to infect successive computer systems.

As soon as the Petya ransomware is executed, the infected system’s MBR (master boot record) is overwritten by the custom boot loader, following which a malicious kernel containing corrupting code is loaded into the system to commence the process of encrypting files within that system. Judging by the extent of such malicious attacks, the most important question asked by business owners is: can we save our company from the Petya ransomware attack?

Preventive measures: These days, it has become a matter of extreme importance for organisations to take preventive actions in terms of cyber security in a bid to protect confidential data from potential threats, such as the Petya ransomware. The following are some actions that business owners can take to ensure the same:

Deploy latest security patches on all systems: Organisations should make sure to install the latest Microsoft security patches on each computer system, specifically MS17-010, which addresses Server Message Block (SMB) vulnerabilities. Disabling SMBv1 can help in preventing malicious software like Petya from spreading to other systems.

Create more awareness among end-users: Organisations should make sure that end-users, meaning the employees and other staff, are aware of the latest cyber security threats and are extremely cautious about opening suspicious files, attachments, or links received from unknown senders.

Make sure your anti-virus software is regularly updated: It is important to ensure that the anti-virus software being used to protect computer systems within an organisation is regularly updated, as an outdated version will not be able to safeguard systems from advanced malware. Make sure that all data and important files on local disks have a back-up copy, as most user data can be replicated via shared networks.

Prevent users from writing data anywhere apart from designated areas: Companies should ensure that all computer users in the workplace avoid writing data anywhere apart from the designated areas on the local hard drive to prevent loss of data in case of a potential cyberattack. To further limit the possibility of an attack, organisations can restrict local administrator access to just a few trusted associates.
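For the SMBv1 step above, an administrator can check and switch off the protocol with the built-in Windows cmdlets. The script below is an added example, not part of the original article; it assumes an elevated PowerShell prompt on Windows 8.1 / Server 2012 R2 or later, and the `-Disable` switch is a name chosen here for illustration.

```powershell
# Added example: report SMBv1 state on the local host; -Disable turns it off.
# Run from an elevated PowerShell prompt.
param([switch]$Disable)

# Server side: does this host accept inbound SMBv1 sessions?
$serverOn = (Get-SmbServerConfiguration).EnableSMB1Protocol

# Optional-feature state (Windows 8.1 / Server 2012 R2 and later).
$feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol `
    -ErrorAction SilentlyContinue

# Client side: the SMBv1 redirector driver. Start = 4 means disabled;
# a missing key means the driver is not installed.
$drv = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\mrxsmb10' `
    -Name Start -ErrorAction SilentlyContinue

$report = [pscustomobject]@{
    Computer     = $env:COMPUTERNAME
    ServerSMB1   = $serverOn
    FeatureState = if ($feature) { $feature.State } else { 'n/a' }
    ClientDriver = if (-not $drv) { 'absent' }
                   elseif ($drv.Start -eq 4) { 'disabled' }
                   else { 'enabled' }
}
$report | Format-List

if ($Disable) {
    # Stop the SMB server from negotiating SMBv1.
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    # Remove the SMBv1 feature (client and server) where it is still enabled.
    if ($feature -and $feature.State -eq 'Enabled') {
        Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol `
            -NoRestart | Out-Null
    }
    Write-Host 'SMBv1 disabled; restart to complete removal of the feature.'
}
```

Run without arguments, the script only reports; a host is in the recommended state when ServerSMB1 is False and ClientDriver is "disabled" or "absent".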

(The writer is Founder & Director, ExportersIndia.com)
(Published 09 August 2017, 18:41 IST)
