What is Petya ransomware?

Ransomware is a type of malware that encrypts your files and demands a ransom payment in exchange for decrypting them. As often happens with malware, the attackers behind the latest Petya campaign have re-used some familiar tactics, techniques, and procedures (TTPs) from earlier Petya ransomware attacks and the recent WannaCry ransomware attacks.

 

The ransomware campaign that emerged today follows a similar attack method to last month’s WannaCry ransomware, as it uses the same EternalBlue exploit of a Windows vulnerability. However, unlike WannaCry, this campaign uses Microsoft PsExec and WMI services to spread rapidly across the network. This means that even computers that had previously been patched may still be vulnerable to a laterally moving Petya attack.
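Because the PsExec and WMI spread described above does not depend on the patched flaw, endpoint event logs are where it becomes visible. The following is an added example, not part of the original article: a Python sketch that flags service-install (event ID 7045) and process-creation (event ID 4688) records typical of PsExec and WMI remote execution. The records, host names and dictionary field names are constructed assumptions; PSEXESVC is the default PsExec service name.

```python
from collections import defaultdict

# Constructed sample records (not real telemetry), shaped like parsed
# Windows events: 7045 = service installed, 4688 = process created.
EVENTS = [
    {"host": "WS-01", "id": 7045, "service": "PSEXESVC",
     "image": r"%SystemRoot%\PSEXESVC.exe"},
    {"host": "WS-02", "id": 7045, "service": "PSEXESVC",
     "image": r"%SystemRoot%\PSEXESVC.exe"},
    {"host": "WS-02", "id": 4688,
     "parent": r"C:\Windows\System32\wbem\WmiPrvSE.exe",
     "cmd": r"C:\Windows\System32\cmd.exe /c example.exe"},
    {"host": "WS-03", "id": 4688,
     "parent": r"C:\Windows\System32\cmd.exe",
     "cmd": r"wmic /node:WS-02 process call create example.exe"},
    {"host": "WS-04", "id": 7045, "service": "ExampleUpdater",
     "image": r"C:\Program Files\Example\updater.exe"},
    {"host": "WS-04", "id": 4688,
     "parent": r"C:\Windows\explorer.exe", "cmd": "notepad.exe"},
]

def classify(event):
    """Return a label for PsExec/WMI remote-execution traces, else None."""
    if event["id"] == 7045:
        # Default PsExec service name/binary; a renamed service needs other signals.
        text = (event.get("service", "") + event.get("image", "")).lower()
        return "psexec_service_install" if "psexesvc" in text else None
    if event["id"] == 4688:
        parent = event.get("parent", "").lower()
        cmd = event.get("cmd", "").lower()
        # Target side: WMI-launched processes are children of WmiPrvSE.exe.
        if parent.endswith("\\wmiprvse.exe"):
            return "wmi_spawned_process"
        # Source side: wmic starting a process on another node.
        if "wmic" in cmd and "/node:" in cmd and "process call create" in cmd:
            return "wmic_remote_create"
    return None

def hosts_by_label(events):
    """Group flagged hosts per label; many hosts at once suggests spread."""
    found = defaultdict(set)
    for ev in events:
        label = classify(ev)
        if label:
            found[label].add(ev["host"])
    return {label: sorted(hosts) for label, hosts in found.items()}

if __name__ == "__main__":
    for label, hosts in hosts_by_label(EVENTS).items():
        print(label, hosts)
```

Administrators also use PsExec and WMI legitimately, so these labels are triage signals to correlate with time and source host rather than verdicts.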

Once a machine is compromised, the ransomware overwrites the Master Boot Record (MBR), reboots, and then encrypts individual files that match a list of file extensions (including documents, archives, and more). Once the encryption is finished, it presents the victim with a message requesting a ransom of $300 in Bitcoin to decrypt the system. To date, we understand that up to $3,000 has been paid in ransom, but we have not heard of any affected organizations having successfully decrypted their files, as the associated email account has been shut down.

As with WannaCry, the EternalBlue exploit toolkit (which was released by the Shadow Brokers group in April 2017) is suspected to be a key component of the attack. Microsoft released a software patch for the vulnerability after the release, but there are likely millions of computers that have not been updated even today with that latest patch. Thus, they are vulnerable and actively being attacked. The initial infection vector in this attack has been linked to a software update for a Ukrainian tax accounting package called MeDoc.
