As you’ve likely read (again), a new high profile cyber-attack has been making the headlines.
The malware used in these outbreaks hasn’t been formerly identified however reports suggest that is like the Petya Ransomware and is exploiting the same SMB vulnerabilities (EternalBlue) which WannaCry was using to propagate back in May.
What can you do to protect your organisation from this new wave of ransomware?
Our recommendation would be to patch all of your Microsoft systems, patches are readily available from Microsoft for these vulnerabilities released by the Shadow Brokers group back in April.
Ensure you have recent backups of all critical data, this type of Ransomware appears to lock users out of the entire machine.
If you haven’t already then update your Intrusion Prevention engines to protect against the previously highlighted Microsoft vulnerabilities and set it to prevent. Again, this has limited impact on the situation since in most cases IPS systems will not be protecting lateral movement, but it could help prevent against longitudinal movement through your gateway.
The final recommendation if you have not already done so, is to add preventative ransomware protections, we have a selection of recommended solutions at both the endpoint and network level for advanced detection and prevention of threats such as ransomware.
We will be closely monitoring the progress of this new strain and we will update you if there is any further news or recommendations.
As always if you need assistance or have any questions then get in touch and we’ll be happy to assist you.