Business Tech: Are you protected? WannaCry and Petya won't be the last to target your system

Mike HerringtonOctober 9, 20173 min read

You know how they say that history has a way of repeating itself? Malware threats are no exception to that with the latest Petya/Goldeneye virus coming out on the heels of a WannaCry epidemic that hit more than 230,000 computers in over 150 countries in May.

The good news is that most of the rules to protect yourself remain the same. The bad news is that many business owners still haven’t taken the needed action and are in danger.

Petya works a little differently than WannaCry. It seems the creators had more in mind than just trying to extort your money. When it infects a machine, it causes a reboot. When you try to turn your computer back on, you are immediately directed to a screen asking for payment in bitcoin. There is no option to get to anything else and the machine is rendered useless.

There are doubts that the Petya/Goldeneye virus was designed as ransomware. Most experts think that it is just a cover to mask a malware attack designed to do a lot of damage. The payment system that was set up by hackers is pretty much useless. There was only one address used for bitcoin payment which has already been shut down. True ransomware like WannaCry had a much more sophisticated payment system that could continue to get payment despite Internet service providers’ efforts to block it. This makes experts believe that it was really just a thinly veiled malware attack. It also appears that the attack was first aimed at the Ukrainian government, giving further credence to the belief that ransomware was never the objective.

There are several methods to protect your business from Petya. The malware uses the same exploit that WannaCry did to gain access to your systems. It is a process on Windows Server called SMB, which is used to share files and printers across a network. There has been a patch available from Microsoft since March; however, some businesses have still not taken the time to get their systems up-to-date. Without the update, they remain vulnerable.

In addition to keeping up- to-date on the latest patches, a good antivirus can be an asset in the fight against Petya. Most quality antivirus products already have patches out that block Petya, as it uses vulnerabilities that were previously identified. Again, the antivirus needs to be up-to-date to be effective.

Strong firewalls are also a great help to businesses looking to protect their data. Ensure that it is administered in accordance with networking best practices and that there aren’t doors open for hackers to get into the network.

Backups remain highly important. Make sure that you have a quality backup solution that is backing up servers and workstations with important data every night. That way, if the worst-case scenario hits and you get infected, you can simply revert to the backup and repair the damage. Backups should happen every day and should have monitoring or notification that allows you to have confidence that they are complete and usable. There are far too many businesses that set up a backup once and assume it will keep running indefinitely, only to find out when they need it that it stopped months ago and they don’t have any current data.

The solutions for basic security remain the same. It’s up to business owners and executives to take the initiative and get in front of this problem. The threats continue to pile up, and there is nothing to indicate that this will stop anytime soon. The time is now to take affirmative action to protect your business and your customers' data.

Mike Herrington is the manager of business development at i.t.NOW.

From the Salt Lake Business Journal archive

← Back to the archive