2. Avoid opening e-mail attachments from unknown senders
The ransomware infection starts with targeted phishing e-mails that contain a virus-infected attachment. "The document will contain a macro, which is small enough to appear innocuous even to sandboxing technologies. When the document is opened, the macro activates and connects to the attacker's remote server on the internet, and starts downloading the ransomware payload onto the machine. The macro also rewrites the payload as it downloads, so the content appears harmless until it actually enters the host machine," according to Ixia.
As such, Sophos advised users to refrain from opening e-mail attachments from unknown senders. "Avoid opening attachments in emails from recipients you don't know, even if you work in human resource or accounts and you use attachments a lot in your job."
Savvides added that businesses must be "especially wary of a Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email."
3. Block malicious IP addresses
"The simplest, most cost effective way to avoid attacks is to automatically block all corporate connections to known malicious IP addresses using a continuously-updated threat intelligence feed. This lets it nullify all new attacks, as well as existing, dormant infections," Ixia suggested.
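As an illustration of the feed-based blocking described in this tip (an added example, not code from Ixia or any vendor quoted here), the Python sketch below loads a blocklist and flags outbound connections whose destination is on it. The feed format, the log format and every address are constructed for the example; the addresses come from ranges reserved for documentation.

```python
import ipaddress

# Constructed sample feed (hypothetical format): one IP or CIDR per line,
# '#' starts a comment. Addresses are from documentation-only ranges.
SAMPLE_FEED = """\
# hypothetical threat-intel feed
203.0.113.0/24
198.51.100.7      # single host
2001:db8:bad::/48
not-an-address
"""

# Constructed outbound connection log (hypothetical): "<src> -> <dst>:<port>"
SAMPLE_LOG = [
    "10.0.0.5 -> 203.0.113.44:443",
    "10.0.0.5 -> 192.0.2.10:443",
    "10.0.0.9 -> 198.51.100.7:8080",
    "10.0.0.9 -> [2001:db8:bad::1]:443",
    "10.0.0.9 -> 198.51.100.8:80",
]


def load_blocklist(feed_text):
    """Parse the feed into networks; return (networks, rejected_entries)."""
    networks, rejected = [], []
    for raw in feed_text.splitlines():
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            # strict=False accepts entries with host bits set, e.g. 203.0.113.5/24
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            rejected.append(entry)
    return networks, rejected


def destination(log_line):
    """Extract the destination IP (IPv4 or bracketed IPv6) from a log line."""
    dst = log_line.split("->", 1)[1].strip()
    host = dst.rsplit(":", 1)[0].strip("[]")
    return ipaddress.ip_address(host)


def blocked_connections(log_lines, networks):
    """Return the log lines whose destination falls inside a listed network."""
    hits = []
    for line in log_lines:
        ip = destination(line)
        if any(ip.version == n.version and ip in n for n in networks):
            hits.append(line)
    return hits
```

Malformed feed entries are returned rather than silently dropped, so a broken feed update shows up instead of quietly shrinking the blocklist.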
4. Invest in threat monitoring and detection technologies
The recent wave of ransomware attacks has only reinforced the lack of accountability and focus on basic IT and security fundamentals, said James Carder, chief information security officer and vice president of LogRhythm Labs.
"We need to stop focusing solely on defence and protection - and put more effort into monitoring, detection and response as true compensating controls to the mess that is IT today. It's not always about stopping the initial compromise, the inevitable, but how quickly you can respond and contain a threat before it becomes a full blown incident or global outbreak," he explained.
Along similar lines, Sanjay Aurora, Managing Director of Darktrace in Asia Pacific, advised organisations to leverage artificial intelligence (AI) to help them detect threats in the company's network early.
"The latest advances in AI mean that smart technology can now detect and fight back against any in-progress attacks within a company network, buying the security teams time to respond. This class of technology truly delivers on the promise of AI in cyber defence and is the only realistic way that security teams will scale to the increased speed and diversity of future attacks," said Aurora.
5. Step up employee education on cybersecurity
"These incidents prove that anyone can be a target and compromise is inevitable. The best course of action is ensuring the basics are done right. Your employees are the first line of defence against any attack, therefore, start by educating them on cybersecurity strategies and routines," said Brett Williams, manager for sales engineering at Carbon Black in APJ.