Perspective on the Recent "Petya" Cyberattacks

Ehningen, (PresseBox) - What is the Petya Ransomware campaign? A calculated ransomware campaign with a heavy footprint in Ukraine was detected on June 27, 2017. The source of the attack is currently unknown. To date, the attack has affected global organizations in the banking, pharmaceutical and transportation industries.

Most reports, and the ransom demand itself, refer to the activity as Petya, a wellknown malware that has existed for quite some time, but at least one security company believes it is not a true Petya variant. IBM can confirm the ransomware tool is spreading via the National Security Agency (NSA) exploit ETERNALBLUE, similar to the WannaCry events last month.

While this attack is not identical to WannaCry, it is operating in a similar fashion— mainly an existing ransomware tool has been updated with a new infection capability, allowing it to propagate very quickly, with potentially significant impact. IBM believes the response and remediation steps that led to effectively responding to WannaCry are highly applicable to today’s attack. IBM X-Force Command Center is fully activated to determine true cause, provide recommendations, and work responses with our clients.

Broad implications: Organizations around the world need to understand the elements of these attacks and be prepared for copycat attacks with new twists. While ransomware – the criminal practice of stealing data and not returning it to its owner until a ransom payment is made – was the profit-gaining tactic of choice, criminals could shift to new tactics and schemes in the future. For example, they could use the one-to-many attack scheme through the Microsoft vulnerability to steal personally identifiable information or embed Remote Access Trojans.

Actions for all enterprises: Take steps to prevent such attacks, or to get help

Patch systems immediately to help prevent attacks. For example, IBM’s BigFix solution automatically deployed the patch for WannaCry2 in May 2017.

Deploy Security Intelligence systems to detect attacks, such as Watson for Cyber Security.

Develop a response playbook with your team, in case you are infected.

Refer to X-Force Ransomware Response Guide to evaluate organizational readiness

Ensure your employees, suppliers and others who work with your company 
 receive regular security training, such as how to spot suspicious emails.

• Follow the updates on X-Force Exchange and SecurityIntelligence.com

• If you have been impacted by the Petya attacks, call IBM X-Force Incident Response Hotline: 1-888-241-9812 US, (001) 312-212-8034 Outside the US

Website Promotion

Diese Pressemitteilungen könnten Sie auch interessieren

Weitere Informationen zum Thema "Security":

5 Tipps für die Wahl einer Authentifizierungslösung

Die Kom­bi­na­ti­on aus Be­nut­zer­na­me und Pass­wort ist längst nicht mehr aus­rei­chend, wenn es um die si­che­re An­mel­dung im IT-Netz­werk geht. Um das Si­cher­heits­ni­veau zu er­höhen und An­g­rei­fern die Nut­zung ge­stoh­le­ner Zu­gangs­da­ten zu er­schwe­ren, ra­ten Ex­per­ten zur Mul­ti-Fak­tor-Au­then­ti­fi­zie­rung. Doch wor­auf soll­ten Un­ter­neh­men vor der An­schaf­fung ei­ner sol­chen Lö­sung ach­ten?

Weiterlesen

News abonnieren

Mit dem Aboservice der PresseBox, erhalten Sie tagesaktuell und zu einer gewünschten Zeit, relevante Presseinformationen aus Themengebieten, die für Sie interessant sind. Für die Zusendung der gewünschten Pressemeldungen, geben Sie bitte Ihre E-Mail-Adresse ein.

Es ist ein Fehler aufgetreten!

Vielen Dank! Sie erhalten in Kürze eine Bestätigungsemail.


Ich möchte die kostenlose Pressemail abonnieren und habe die Bedingungen hierzu gelesen und akzeptiert.