Blog / Fool Me Once, Shame on You …

As expected, a new ransomware virus is having global impact on many thousands of computers.  The latest edition is called Eternal Blue (also known as Petya) and it uses the same attack method as WannaCry last month. It demands a $300 ransom for each infected computer.

This time, the Ukraine was hit hardest – the National Bank, transportation services, and power companies were among the targets of the attack.  But it spread to Maersk (a Danish shipping giant), the Russian oil industry, a major British advertising agency WPP, and the global pharmaceutical firm Merck.

As of today, about 45 payments have been made – or just over $13,000. It’s really small potatoes in the ransomware game. The major cost is the down-time and lost productivity for these firms. The long-term downside is the loss of reputation.  Do you really want to do business with an organization that treats it’s information systems in such a cavalier fashion?

Like WannaCry, this virus takes advantage of a vulnerability in the Microsoft operating system – primarily Windows XP.  The vulnerability – part of a leaked NSA hackers toolkit – was actually plugged by a patch released by Microsoft in March of 2017.

Unlike WannaCry, Eternal Blue does not appear to have a kill switch; a simple fix that disabled the virus. Without the kill switch, the virus’ worm capabilities allow it to spread to all connected computers on the network without any interaction from users; it’s much harder to get rid of.

While I’m sure the techs in the affected companies are working flat out to eradicate the virus, they really need to look in the mirror to find someone to blame. I can’t think of a plausible reason for leaving IT systems exposed to this type of attack. The fix is simple, easy to apply, and costs nothing.

Enough editorializing. The essential question is: are your systems at risk?  The essential answer is NO – as long as you have Windows 7 or Windows 10 on your desktop and laptop computers – and keep them up-to-date with Microsoft patches. Most systems that we come across meet these requirements. As always, good Anti-Virus software, enhanced firewalls and up-to-date software are mandatory to help protect your IT systems.  User education and best-practice countermeasures are equally important.

The small silver lining in the Eternal Blue dark cloud is the heightened awareness of virus threats. The threat from malicious attacks is increasing – both in quantity and the sophisticated nature of the attacks. It’s not hard to imagine the evolution of these viruses to where information won’t simply be encrypted for ransom, but the hackers will encrypt AND threaten to make public the files they encrypt; credit card information, customer files, corporate secrets, internal memos – the damage could be enormous.

Don’t be fooled – not even once. Malware is serious business, and it’s becoming big business.

Please contact me or your Primary Tech if you would like more information on how to protect your organization from malicious ransomware attacks.

Thanks

Dave White 
Trinus Technologies Inc