Another ransomware attack started Tuesday morning and has been ravaging organizations large and small all over the world. The attack, referred to as Petya or NotPetya, uses the same vulnerability exploited by WannaCry last month. Microsoft released a patch back in March to address the vulnerability, but many organizations had an incomplete rollout of the update, which allowed the WannaCry and NotPetya ransomware to spread rapidly within their networks.
What is ransomware?
Ransomware is a type of malware that blocks access to your computer or your data and holds it for ransom. In 2016, an estimated $1 billion was paid in ransoms, making it one of the most lucrative cyber-attack tools.
How can I protect my information?
Both of these attacks highlight several basic areas that organizations can focus on to ensure they don’t fall victim to NotPetya, WannaCry, or the next ransomware threat. Some of these tactics include:
Deploy software updates
Installing software updates is a critical part of security. Updating can be cumbersome without the right tools, but neither WannaCry nor NotPetya is a threat to organizations that ensure their systems are up to date.
Backup and Disaster Recovery
Making sure that you have a working and tested backup strategy is critical to recovering your data in the wake of a ransomware attack. In the past year, some ransomware has specifically targeted backup systems, so making sure that your backups are protected is more critical than ever. Another part of disaster recovery is working out a plan for how you would recover if some or all of your computers were encrypted, as that can be a serious logistical challenge, especially for smaller organizations.
It’s very easy to let network access be open and allow everyone access to almost everything. However, this means that if one of your users is infected, everything in your network is compromised. If your users only have access to the data they need to work, attacks will have a much more limited impact, allowing for faster recovery.