Protecting against Petya and other ransomware
As a security professional, which do you fear more: 1) explaining to your boss or CEO that your enterprise’s files are no longer accessible because they’ve been encrypted or 2) bungee jumping? I bet you and most of your security peers would choose the former.
Imagine it’s a bright sunny day, and one of your employees opens their mailbox to find an email about your enterprise’s revised HR policies. It seems like a legitimate email from a supposedly trusted source. The employee downloads the attached Word document and opens it. After a few minutes, their computer shuts down abruptly. When they restart it, a message comes up saying that their computer has been locked and all their files are encrypted.
That’s ransomware at work. And one of the latest ransomware attacks working its way around enterprise networks is Petya!
Petya – A sneak peek
Petya hit Windows-based enterprises across the UK, US, Ukraine, Singapore, and other parts of Europe last week. First reported on June 27th with an attack on a Ukrainian Bank, Petya seems to be a well-crafted ransomware attack that is not making the same mistakes as its predecessor, WannaCry.
Spreading largely through lateral movement inside enterprise networks, Petya seems to be a more targeted attack than WannaCry. So far, Petya has affected fewer computers and spread more slowly than WannaCry. However, Petya is much stronger than WannaCry, locking down all files and folders instead of only encrypting specific ones.
Read the entire article here, Protecting against Petya and other ransomware « ManageEngine Blogs
via the fine folks at ManageEngine