Another global cyber attack is all over the news today. I'm sure you've heard or read about it. Petya, or NotPetya as security researchers are calling it, is wreaking havoc around the world. And, this ransomware is worse than WannaCry from last month.
According to David Kennedy, former NSA analyst and cybersecurity entrepreneur, as quoted on Forbes.com (read the article), "the ransomware finds passwords on the infected computer to move to other systems. It does that by extracting passwords from memory or from the local filesystem, he explained."
Maybe you're thinking "we're fine - we patched all Windows systems earlier this year". Well, what if you missed one. According to ESET researcher Robert Liposvsky (also quoted in the Forbes.com article), "It only takes one unpatched computer to get inside the network, and the malware can get administrator rights and spread to other computers."
Now, if you still haven't patched your Windows systems, shame on you. What have you been waiting for? How many of these attacks must occur before you keep your systems up to date? Sure, it takes a lot of time and you just don't have the bandwidth. Sure, you have many disparate systems that all must be updated individually. Of course, this excuse or that excuse got in the way and you just didn't get it done.
Well, now you might have run out of time.
According to Forbes, "anyone even considering paying hackers to unlock their computers should reverse course, however: the email account set up to provide keys has been shut down by the provider, Posteo. Thanks to that, there's no obvious way of recovering files without backups."
And, there it is, the only real recovery solution - BACKUPS.
But, not just any backups. Some ransomware have been known to corrupt local backups. And, if you're infected by ransomware that also locks up your applications and/or operating system, but you've only backed up your data files, how long will it take you to restore business operations? You need to have off-site backups of data, applications and operating systems that are easily accessed and can be quickly restored.
Act now. If you haven't updated your operating systems, do that NOW. Then, if you don't have reliable backup, please consider getting it. Without the discipline to keep systems updated and reliable backup to recover if something does get through, we're keeping the ground fertile for cybercriminals to continue to wreak havoc.