Petya May be the Worst Ransomware Ever

Ransomware has been wreaking havoc for years, locking up data and decrypting and releasing it only when money is paid, usually through Bitcoin.

Like any successful malware, new variants are based on the old ones, making it a snap for even amateur-hour hackers to tweak an old exploit and unleash it as new.

So now we have Petya, whose victims already include banks, airports, the metro in Kiev, and even Chernobyl radiation detectors. And this is only the beginning, as the malware is still very much in the wild.

The sad part is this exploit should have been prevented. Petya is based on the WannaCry ransomware attack, which goes after a hole in older versions of Windows. The U.S. National Security Agency (NSA) used this vulnerability for its own cyber-efforts — which a WikiLeaks data dump disclosed, offering hackers an easy-to-follow blueprint.

Smart end users and IT shops patch their systems, and in fact, Microsoft has a patch that plugs this hole. Unfortunately, all too many organizations fail to patch regularly and completely.

The reality is most successful exploits are against unpatched systems. Hackers love to take shortcuts and the patching process offers a perfect opportunity, just as the NSA leak offered an architectural blueprint for how to exploit the Windows hole that Petya jumps through.

Petya Screen Capture

Here is what the Petya warning screen looks like.

Petya Will Really Make You WannaCry

Petya adds some sinister elements to what WannaCry offered. For one, Petya knows how to mine endpoints for passwords and uses these credentials to spread to other devices.

Petya can also be spread by taking advantage of machines with admin rights, similar to an elevation-of-privilege attack.

Three Ways to Avoid the Pain

Ransomware is serious stuff, but only if you haven’t taken these steps to protect your operation.

  1. Patch your computers. Patching is 100 percent essential, but it is not easy for organizations that rely on end-user vigilance or manual IT means. You need an automated patching solution so patches are installed when they become available – on all endpoints and servers.
  2. Maintain an antivirus and anti-malware solution. With proper security protection across all your systems, incursions such as WannaCry will be spotted, blocked, and purged. Like patching, an automated solution that installs and updates security across all of your systems is essential.
  3. Be smart about backup. Ransomware works by holding your data hostage. For those with no backup, an encrypted and locked hard drive is a disaster. If you have a current backup, it is only a nuisance. The best solution is an automated tool that backs up all of your systems to the cloud, where it remains safe until you need that data back.

With Kaseya VSA, all endpoints can be patched automatically and completely.

Cloud Backup to the Rescue

Cloud backup can automatically and regularly copy your files. And restoration is a snap, as this data is resting comfortably in the cloud just waiting for you to access it.

Kaseya has a cloud backup solution that is ideal for SMBs and managed service providers alike. Recently, Kaseya introduced Kaseya Cloud Backup, powered by Acronis. With Kaseya Cloud Backup, you can back up and recover every machine you manage on-premises or in the cloud – all from one place.

By leveraging the power of Kaseya VSA (which includes patch management and antivirus/anti-malware) with Kaseya Cloud Backup, you can quickly define backup policies by organization, machine group, or device type. Create as many policies as you need to simplify managing the backup requirements of the entire set of infrastructures under your control, and ensure you are meeting all compliance procedures. Changes in standard policy procedures can be applied to multiple machines and environments with a few simple clicks. In addition, you can create policies in VSA to restart failed backups automatically, shut down machines prior to backing up, and resolve many other problems that commonly occur during routine backup processes.

Learn more about how Kaseya Cloud Backup can help your company.

Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.