His final match as manager ended in a 2-0 win at home to Wolves
football6 hours ago
Security experts are cautioning businesses to update their software and back up all the necessary files in the wake of another ransomware attack that has affected companies across the globe.
The latest ransomware attack called 'Petya' first appeared this morning and has been spreading around the world, mainly infecting businesses and government agencies and departments in Ukraine and Russia, but there have been increasing reports of businesses in other countries also being compromised, with reports filtering in from the US, UK, Germany, Switzerland, and Holland.
"The only reliable defence against the recent Petya ransomware attacks is backup," says Nigel Tozer, solutions marketing director at Commvault. "Clearly the malicious forces behind this and other recent attacks, continue to be one step ahead of threat detection software, so if your systems and data is held to ransom the only true means of recovery is to be able to revert back to data from the last backup before the infection."
"When files are encrypted and corrupted by a ransomware attack, cloud sync and share tools aren't something you can rely on either, because the sync facility means cloud files are as infected as their originals. The other issue is that these cloud services, especially free or those targeted at consumers, typically don't cover all of your data and may not always have retention policies that pre-date the attack."
The best option, he says, to insure against data-mincing malware, is an in-house centrally managed backup solution. "Whilst reverting to the backup prior to the infection might mean losing a limited amount of data, it is nominal compared to the impact of losing all your data permanently."
The malware itself appears to be a straightforward ransomware program. Once infected, the virus encrypts each computer to a private key, rendering it unusable until the system is decrypted. The program then instructs the user to pay the $300 ransom to a static Bitcoin address, then email the bitcoin wallet and personal ID to the email address, which is now blocked.
Steven Malone, director of security product management at Mimecast, noted that e-mail has traditionally been the primary attack route for ransomware. Attackers often send Microsoft Office documents and PDFs with malicious macros that download and install malware. Clever social engineering will trick employees into enabling the macros and delivering the ransomware payload.
"Preventive measures alone can't keep up with the fast-evolving nature of ransomware attacks and as this attack highlights, there are many ways for an infection to enter an organisation. It's vital you regularly backup critical data and ensure that ransomware cannot spread to backup files. Ransomware can take time to encrypt large volumes of files, particularly across a network share. It is imperative to ensure your back-up window is long enough to go back before any infection begins," he said.
Becky Pinkard, vice-president of service delivery and intelligence operations at Digital Shadows, is warning businesses impacted by the attack not to pay the $300 bitcoin fee as Posteo administrators have disconnected the email address associated with paying the ransomware to get unlock keys for impacted systems.
"It means that if anyone paying the ransom to unencrypt their files tries to do so, the criminals who distributed the attack are unable to access the bitcoin account the ransom goes to; so they will not be able to release the keys for the encrypted files - even if they ever intended to do so," she said.
Backup and recovery measures only work after an attack, and cost organisations in downtime and IT resources dealing with the attack and aftermath, he added. "You must be able to continue to operate during the infection period and recover quickly once the infection has been removed."
- rohma@khaleejtimes.com
His final match as manager ended in a 2-0 win at home to Wolves
football6 hours ago
The Abu Dhabi-owned City won an unprecedented fourth straight English top flight title with a 3-1 win over West Ham United
football7 hours ago
Iranian rescue teams are scouring a fog-shrouded mountainside after an accident happened to the helicopter transporting Iranian president
mena7 hours ago
Chasing 215 for victory against Punjab, Hyderabad reached the target with five balls to spare at their home
cricket8 hours ago
The Copernicus Emergency Management Service provides mapping products based on satellite imagery
mena8 hours ago
City beat West Ham 3-1 to become the first team to win four straight Premier League titles
football8 hours ago
Dubai Crown Prince reviews strategic plans for the development and launch of satellites under the UAE Satellite Programme
space8 hours ago
Combs is the target of several civil lawsuits that characterise him as a violent sexual predator who used alcohol and drugs to subdue his victims
entertainment9 hours ago