During the past 36 hours, NotPetya ransomware has started spreading around the world. As with other ransomware, it’s malicious software which locks up your files or systems and prevents access to them unless you pay a ransom.
While it’s alarming and can potentially bring enormous disruption, the way it works is not new.
So if you’ve been practicing good security habits and have a comprehensive security strategy in place, you’re in the safest position you can be.
But if you haven’t quite got there yet, or have been thinking about improving your security, there’s no better time than now. We reckon our 4Pillars Security is the best way to do that.
If you protected yourself against WannaCry earlier this year, you should be protected against this
New security threats are out there every day, and you can’t drop tools every time one comes along to put stop-gap measures in place. So our advice remains the same as with the WannaCry attack:
- have a comprehensive approach to your security, including anti-virus software
- use good security habits
- back up your data
- patch fast and patch often.
You can never be 100% safe – but doing all this is the best way to be as safe as you can be.
Workstation protection
NotPetya exploits the same vulnerability as WannaCry to make its way into your systems. Microsoft released security patches in March which protect against the vulnerability.
Your workstations are protected against NotPetya’s main attack vector if:
- you have automatic Windows updates – and you’ve allowed them to carry out; or
- you downloaded and installed the appropriate security update for your operating system from the Microsoft website.
These are the same steps you needed to take to protect against WannaCry.
If you’re not sure, or are unable to download/install updates, get in touch with us – we can help.
However…
It might find other ways to make it into your system. This is where good security habits and preventative measures come into play, which we provide via 4Pillars.
- Have workstation anti-virus in place (such as our UserProtect)
- Be careful about links and attachments in email (MailProtect helps protect against malicious content; and ScamProtect teaches your staff to deal with phishing emails)
- Be careful about the websites you visit
- Have a firewall in place
- Don’t plug in USB devices unless you’re sure they’re safe (they can carry malicious files)
Server protection
If you keep your servers patched, you should be protected – particularly if you did so in response to WannaCry earlier this year. If you’re not sure, would like us to check or would like us to install a patch on your behalf, please contact us.
But for protection against threats before a manual patch is available, we recommend ServerDefence. It’s our cloud-based server security, powered by Deep Security. It prevents NotPetya from spreading, and has done so since March.
If you have ServerDefence, you’re in the best position you can be to stop NotPetya spreading through your network.
Restrict external access
While we don’t generally recommend stop-gap measures, if you don’t have the other security measures in place we recommend you:
- Don’t allow laptops from outside your organisation to connect to your network.
- Disable or restrict virtual private network (VPN) access.
- Restrict guest access to your WiFi.
Back up your data
If your files and systems are backed up, you can simply restore them as needed from a point before your system was infected.
This isn’t a replacement for preventive measures, of course. Even a straightforward backup process will take time and effort. But if an attack gets through, a backup is a great safety net. We offer them with CloudBackup and TotalDR.