Follow on Google News News By Tag Industry News News By Place Country(s) Industry News
Follow on Google News | Defence against the wrath of RansomwareThe recent attack by Petya ransomware is another warning to organizations about the possible catastrophe of vulnerabilities in their networks or IT infrastructure.
By: Microworld Technologies Inc Eternal Blue was the exploit which was used by WannaCry and it uses the SMB protocol vulnerability to propagate throughout the network. However, Petya Ransomware not just encrypts the files but after encrypting them, tries to encrypt the MBR too, effectively rendering the infected systems un-bootable. According to our findings, Petya was pushed through an update for MeDoc financial software used mostly by organizations in Ukraine and phishing emails were the major source for starting of infection. In India, "The (shipping) ministry has confirmed that one terminal at JNPT has been affected due to the attack at Maersk's Hague office," an official said, adding that the government will share a report / statement shortly. Due to this attack, the operations at JNPT's GTI (Gateway Terminals India) have come to a standstill. However, this seems to be an isolated incident within India and the impact on India by Petya Ransomware seems to be very limited. Last month's WannaCry's attack had forced numerous organizations to implement the patches released by Microsoft to update their OS. However, there might exist some organizations that are still lagging behind. Until now the Bitcoin address which is being used by Petya Ransomware has received 42 transactions worth 3.75228155 BTC equivalents to 9490.80 USD in less than 24 hours. However, the email-id which is being used to communicate with the criminals has been suspended by the service provider, hence rendering all the efforts of getting the decryption key futile. Due to this, victims should detest from making any payments to the criminals. To stay safe from such attacks, all the organizations and users need to ensure that, the patches released by Microsoft have been updated or patched such as below: 1. NSA Hacking Tool - EnglishmanDentist Exploit CVE - CVE-2017-8487 Patch Download Link - https://support.microsoft.com/ 2. NSA Hacking Tool - "EsteemAudit" Exploit CVE - CVE-2017-0176 Patch Download Link - https://support.microsoft.com/ 3. NSA Hacking Tool - "ExplodingCan" Exploit CVE - CVE-2017-7269 Patch Download Link - https://support.microsoft.com/ 4. NSA Hacking Tool - "ErraticGopher" Exploit CVE - CVE-2017-8461 Patch Download Link - https://support.microsoft.com/ 5. NSA Hacking Tool - "EternalBlue" Exploit CVE - MS17-010 Patch Download Link - https://technet.microsoft.com/ 6. NSA Hacking Tool - "EmeraldThread" Exploit CVE - MS10-061 Patch Download Link - https://technet.microsoft.com/ 7. NSA Hacking Tool - "EternalChampion" Exploit CVE - CVE-2017-0146 & CVE-2017-0147 Patch Download Link - A: https://portal.msrc.microsoft.com/ B: https://portal.msrc.microsoft.com/ 8. NSA Hacking Tool - "EsikmoRoll" Exploit CVE - MS14-068 Patch Download Link - https://technet.microsoft.com/ 9. NSA Hacking Tool - "EternalRomance" Exploit CVE - MS17-010 Patch Download Link - https://technet.microsoft.com/ 10. NSA Hacking Tool - "EducatedScholar" Exploit CVE - MS09-050 Patch Download Link - https://technet.microsoft.com/ 11. NSA Hacking Tool - "EternalSynergy" Exploit CVE - MS17-010 Patch Download Link - https://technet.microsoft.com/ 12. NSA Hacking Tool - "EclipsedWing" Exploit CVE - MS08-067 Patch Download Link - https://technet.microsoft.com/ About eScan: eScan is an ISO (27001) certified pure play enterprise security solution company with over 2 decades of expertise in developing IT security solutions. eScan today has a presence in 12 countries through its offices and subsidiaries. It also boasts of a robust channel partner network of more than 50, 000 partners spread across 190 countries worldwide. It is trusted by more than 6,500 enterprise and corporate users spread across various industry segments such as Government, BFSI, Education, Defense, Telecom, IT & ITeS, Infrastructure, Hospitality, and Healthcare worldwide. It is powered by some of the latest and innovative technologies, such as Proactive Behavioral Analysis Engine (PBAE) Technology, MicroWorld Winsock Layer (MWL) Technology, Domain & IP Reputation Check (DIRC) Technology, Non-Intrusive Learning Pattern (NILP) Technology, and sophisticated Anti-Virus Heuristic Algorithms that not only provide protection from current threats, but also provides proactive protection against the ever-evolving cyber threats. eScan provides 24x7 free remote support facility to help its esteemed users to provide real-time solutions for security related issues. For more information, visit - https://escanav.com/ End
Account Email Address Account Phone Number Disclaimer Report Abuse
|
|