If you are a Keycomm managed Services Client, your malware detection has been updated to curb this new threat. We made sure our clients are protected and servers were safeguarded.
[shareaholic app=”share_buttons” id=”12025595″]
Always be aware of this kind of threat, and secure your systems with actively managed services and updated malware protection. The ransomware locks up Windows PCs and demands a ransom of $$$ to unlock them.
Early reports from a Kaspersky researcheridentified the virus as a variant of the Petya ransomware, although the company later clarified that the virus is an entirely new strain of ransomware, which it dubbed “NotPetya.”
Kaspersky telemetry indicated that at least 2,000 users had been attacked by the virus as of the eve of 27 June 2017. Two separate firms have reported the new ransomware employs the same exploit used by WannaCry (ExternalBlue), allowing it to spread quickly between infected systems. Published by the Shadow Brokers in April, EternalBlue targets Windows’ SMB file-sharing system and is believed to have been developed by the NSA.
Microsoft has since patched the underlying vulnerability for all versions of Windows, but many users remain vulnerable, and a string of malware variants have employed the exploit to deliver ransomware or mine cryptocurrency.
According to research by The Verge, Microsoft stated “Our initial analysis found that the ransomware uses multiple techniques to spread, including one which was addressed by a security update previously provided for all platforms from Windows XP to Windows 10 (MS17-010),” a spokesperson said in a statement.
As ransomware also typically spreads via email, customers should exercise caution when opening unknown files. We are continuing to investigate and will take appropriate action to protect customers.
NotPetya has some extra “powers” that security experts say make it deadlier than WannaCry. While EternalBlue has allowed it to spread via a weakness in Windows’ SMB, it has other tools for moving at speed across networks. For instance, according to former NSA analyst and cybersecurity entrepreneur David Kennedy, the ransomware finds passwords on the infected computer to move to other systems. It does that by extracting passwords from memory or from the local filesystem, he explained.
Key Technologies mission is to partner with Small & Medium sized businesses to help them understand how technology can make the task of doing business easier. Easier business means a more profitable, dependable and valuable business for owners. We aim to do this by demystifying technology using language that makes sense, and offering actual solutions that deliver business improvements rather than selling equipment.