Contact us today!
(518) 203-2110

Evolve IT Blog

Evolve IT has been serving the Saratoga Springs area since 1995, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Latest Ransomware Attack is Brutal Reminder of Cyber Security Importance

Latest Ransomware Attack is Brutal Reminder of Cyber Security Importance

A new malware swept across the globe Tuesday, incorporating facets of many ransomwares that have made headlines recently. While it originally appeared to be a variant of the Petya ransomware, it has been determined that it shares more in common with WannaCry. However, “NotPetya,” as it has been named, has a few additional features that experts say make it worse than either of its predecessors.


Why NotPetya Isn’t Really a Ransomware
The first clue that researchers had that NotPetya had a different motivation was the fact that the ransom only demanded the Bitcoin equivalent of $300. Secondly, the only means of getting the decryption key was to send an email to an address hosted by German email provider Posteo. Despite the lack of preparation the payment method appeared to have, NotPetya itself was clearly designed to be able to infiltrate as many networks as possible and do maximum damage once inside.

A Hybrid Hacking Attack
Since the attack commenced, researchers have ascertained that despite its initial similarities with Petya, NotPetya shares many traits with other malicious programs. Like WannaCry, the attack that affected much of Europe, NotPetya leverages EternalBlue. EternalBlue is a National Security Agency hacking tool that targets unpatched systems and steals the passwords that allow administrator access. In addition to EternalBlue, NotPetya also utilizes EternalRomance, another code that was stolen from the NSA.

Once NotPetya has infected one computer, it extracts passwords from its memory or the local filesystem to allow itself to spread--including onto updated and patched Windows 10 systems.

How To Protect Your Files
First off, don’t expect that you can retrieve your files just by paying the ransom. Even if those responsible for NotPetya intended to keep their word and return them once paid, Posteo has shut down the provided email account victims were to receive their keys from. As a result, unless a victim was already following certain best practices, their files are as of yet unrecoverable.

However, this does not mean that everyone is vulnerable to this attack. Before the EternalBlue and EternalRomance exploits were distributed on the dark web, Microsoft had already released patches for the vulnerabilities. However, if these patches were not applied, a user’s systems were (and are) still vulnerable.

The best method to avoid infection from this kind of attack is to ensure your users understand the importance of cyber security efforts, and that all of your business’ systems are reinforced against the latest threats by keeping your defenses up-to-date.

Furthermore, even an infected user is not without hope if they have been backing up their files. If they have done so, all they have to do is disconnect their computer from the Internet, reformat their hard drive and restore their data from their backup solution. However, for this to work, you have to also be sure that your backups are up-to-date, and that your backup is stored in an isolated location, separate from your network.

Evolve IT has the experience and expertise to help prevent you from becoming a victim of a malware like this, whether we help you manage your backups or help educate your users to avoid attacks like these in the first place. Give us a call at (518) 203-2110 today.

Continue reading
0 Comments

Alert: Don’t Call Fake Technical Support Hotlines Provided By Malware

b2ap3_thumbnail_tech_support_bomb_400.jpgComputer users, beware; there’s an intrusive malware spreading across the Internet that’s capable of locking users out of their web browsers and redirecting them to fake IT support phone numbers. The hacker’s goal is likely to steal sensitive information from users, so it’s especially important that you don’t call this fake phone number.

Continue reading
0 Comments

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up!

Free Consultation
 

Tag Cloud

Tip of the Week Security Technology Internet Best Practices Cloud Hackers Privacy Email Productivity Business Malware Business Computing Software User Tips Efficiency Workplace Tips Google Computer Hosted Solutions Microsoft Upgrade IT Support Mobile Devices Innovation Smartphone Windows 10 Hardware Network Security Ransomware Gmail Microsoft Office Office Backup Operating System Apps Business Continuity Disaster Recovery Communication The Internet of Things Social Media Hacking WiFi Bandwidth Facebook Managed Service Provider Outlook Firewall Content Filtering Wireless Technology Cybercrime Android Website Apple Best Practice Alert Employer-Employee Relationship Networking Two-factor Authentication Data storage History Data Windows Small Business Phishing Experience App Mobile Computing Big Data communications Safety Unified Threat Management Money Mobile Device Management Network Smartphones Quick Tips Government Sports Society Augmented Reality Google Wallet Keyboard Spam Retail Search User Information Technology Running Cable Internet of Things Hard Drives Windows 8 Remote Computing Hosted Solution Shortcut Windows XP IT Services Managed IT services DDoS Artificial Intelligence Documents Word Compliance Heating/Cooling Tech Support Drones Bluetooth Social Printer Business Management Browser Automation Virtual Desktop Wireless Memory Securty Competition Unified Communications Presentation Document Management Entrepreneur Encryption Deep Learning Domains Law Enforcement SaaS VoIP BDR Hacker Proactive IT Cortana Vendor Management Network Congestion Application Save Money Customer Service Music Monitors Laptop Cryptocurrency Router IBM Displays Office 365 Google Docs Education Holiday Cleaning Analytics Black Market YouTube Saving Money Processors End of Support Lithium-ion battery Office Tips LiFi intranet Staffing Downtime BYOD Passwords Streaming Media Help Desk Writing Micrsooft Visible Light Communication Social Networking Disaster Public Speaking IP Address Business Growth Virtualization Data Management Robot Advertising Recovery
QR-Code