NordVPN advice

Wednesday 28th June 2017
NotPetya or GoldenEye

Unlike WannaCry attacks that hit seven weeks ago, the newest attack seems to be solid, having cleaned up previous design flaws. Security companies agree the Petya ransomware similar software that exploits in Microsoft products factors that WannaCry was able to exploit. Symantec confirms the ransomware is using the EternalBlue vulnerability that is believed developed by the NSA. Originally called Petya, the current ransomware emerged in 2016, and no re-appeared with upgrades, such as better encryption. The new iteration is variously dubbed “NotPetya” or “GoldenEye.”

“The latest ransomware assault seems to be particularly dangerous,” said Marty P. Kamden, CMO of NordVPN, “One of the best protection mechanisms are patches, but they might not always work with this new version of Petya. Another way to protect yourself is to disrupt a system before it boots, as the ransomware runs on boot. After the device gets infected with a ransomware, it will wait for about an hour until reboot. Reboot is required for a malware to encrypt the system, so in certain cases, if the device gets terminated in the encryption process, it gets disrupted and information can be saved.”

“Generally, system administrators are still not well-prepared to protect their networks, and these attacks will only keep getting worse,” he added.

Here is NordVPN’s advice about protecting a network from latest ransomware attack:

1. Power down when unusual messages pop out. If you encounter a “Check Disk” message, quickly power down to avoid having the files encrypted by the ransomware.

2. Know which file to block. Stop the spread within a network from the Windows Management Instrumentation by blocking the file C:\Windows\perfc.dat from running. If such a file doesn’t exist yet, create it yourself and make it read-only.

3. Protect local credentials. Use Microsoft’s Local Administrator Password Solution to protect credentials that grant network privileges.

4. Always install latest security updates. Security updates often contain patches for latest vulnerabilities, which hackers are looking to exploit.

5. Don’t open anything suspicious you get through email. Delete dubious emails from your bank, ISP, credit card company, etc. Never click on any links or attachments in emails you’re not expecting. Never give your personal details if asked via email.

6. Backup all data. Backup your data in an alternate device and keep it unplugged and stored away. Backing up data regularly is the best way to protect yourself from ransomware because only unique information is valuable.

7. Use a VPN for additional safety. Using a VPN when browsing can protect you against malware that targets online access points. That’s especially relevant when using a public hotspot. However, keep in mind that while a VPN can protect malware from spreading while it’s connected, it cannot protect you from downloading the malware. While a VPN encrypts your activity online, you should be careful when downloading and opening certain files or links.

8. Close pop-up windows safely. Ransomware developers often use pop-up windows that warn you of some kind of malware. Don’t click on the window - instead, close it with a keyboard command or by clicking on your taskbar.

9. Use anti-virus programs. Make sure you have installed one of the latest reputable anti-virus programs to make sure you are fully protected.

Custom Search

Scotland, Computer News in Scotland, Technology News in Scotland, Computing in Scotland, Web news in Scotland computers, Internet, Communications, advances in communications, communications in Scotland, Energy, Scottish energy, Materials, Biomedicine, Biomedicine in Scotland, articles in Biomedicine, Scottish business, business news in Scotland.

Website : beachshore