Petya variant
New ransomware virus outbreak

News from Omniquad | June 28, 2017

An outbreak of new ransomware (Petya variant) is currently being reported globally – it follows in the steps of the previously reported WannaCry malware. It appears that this attack uses multi-layered encryption aiming at administrator privileges and targets the hard drive rather than individual files. This attack appears to have started as phishing campaign, targeting infrastructures with multi-layered-splits and this virus is believed to be ransomware - a piece of malicious software that shuts down a computer system and then demands payment to fix the problem.

We are proactively monitoring this threat and updating our detection mechanisms to protect our customers. This also occurs on 24/7 basis through our Zero Hour Protection program - we frequently see new threats even before they are reported in the news. Mailwall Remote as a managed cloud service is designed from ground up to block them before they have a chance to reach the customer perimeter and this happens through variety of checks & controls in place. Please contact us if you would like to learn more.

Our generic security advice for all customers is:

  • Deploy the latest Microsoft patches, including MS17-010 which patches the SMB vulnerability, to read more click here
  • Consider disabling SMBv1 to prevent spreading of malware, more on this Click here
  • Ensure you have the latest updates installed for your anti-virus software
  • Educate end-users to remain vigilant when opening attachments or clicking on links even if they appear from known senders
  • Raise awareness of phishing scams
  • Do not let users work with administrative privileges unless absolutely required
  • Use strong passwords
  • Don't use the same password for multiple apps/services
  • Carefully read reviews/about any apps, before installing and check the app source/publisher before installing
  • Avoid inserting hard drives and pen drives you don't trust, into your computer

In the meantime, we are following closely on the development of this outbreak and will post another update in due course.

Please contact us if you would like more information and assistance with securing your IT infrastructure. to start your free trial.