Continuity News Special Edition

Continuity News – Special edition

Gryphon Partners normally presents Continuity News, the newsletter focusing on a wide spectrum of emerging threats and offering mitigation strategies.

This is an out of sequence edition based upon a current threat that is spreading quickly throughout critical infrastructure systems.

Several European companies are reporting a ransomware attack affecting banking, transportation, power and other infrastructure providers. Initial investigations by several cyber security companies indicate that the attack may be large-scale. Kaspersky lab reports that are “seeing several thousands of infection attempts at the moment, comparable in size to Wannacry’s first hours.” Cyber security experts believe the ransomware strain is known as Petya or Petrwrap, a well-known type of ransomware. It is believed that the malware is taking advantage of the EternalBlue exploit, the same exploit used in the WannaCry attacks seen in May 2017, which takes advantage of a vulnerability in the SMB data-transfer protocol. Microsoft has since patched the issue.

Reports of infections began coming in today, Tuesday June 27 2017 from the Ukraine and have since been reported in several other European countries, Russia, and the United States. The attackers are unknown. A message displayed on infected computers requires payment to unlock the system be paid to a specific bitcoin account.

Ensure that all Microsoft system patches have been applied that relate to the EternalBlue exploit. However, since the cause of the infection has not been definitively determined, this patch is not a guaranteed to resolve this threat but the best way to safeguard against these types of malicious attacks is to run the latest version of all software and make sure it is always updated. Over 90% of attacks unitize a flaw in a software program that has long since been patched by the software developer.

The best way to recover from such a disaster is to have a viably disaster recovery continuity plan to restore damaged or deleted files.

If you would like more information on how we can help your organization, please write us
at info@kathryncostellophotography.com