Are you protected from the Petya/NotPatya/GoldenEye Ransomware?
Protect your corporate networks from this outbreak.
Today June 28, 2017, a new strain of ransomware (Petya-esque) being called “Petya/NotPetya/GoldenEye” began spreading across the globe impacting tens of thousands of computers as of 2:00 pm, PST. This ransomware is more powerful, professional, and dangerous than last months’ ransomware attack.
Petya-esque ransomware takes advantage of the same EternalBlue exploit to target vulnerable Windows Computers. However, this ransomware is different since it will ask to reboot the infected PC and then completely lock down the entire system.
So is your company protected?
If you are currently utilizing either our advanced firewall product from Fortinet or our antivirus solution with hardware monitoring, the answer is yes. Both of these solutions responded almost immediately to this threat but in 2 very different ways:
- Advanced Firewall: Within hours of the initial reported outbreak, all firewalls under our management were automatically patched to scan and filter out the Petya/NotPetya/GoldenEye virus payload. If you have a firewall but your support has lapsed, we recommend contacting our office to get it reinstated to make sure your network perimeter is secure.
- LRT AV: The Laughing Rock AntiVirus solution includes more features than just antivirus. It also includes hardware monitoring, support tools, content filtering, and most importantly (at least for the purposes of this discussion) patch management. The method that Petya/NotPetya/GoldenEye uses to infect your computer is actually a Windows vulnerability that Microsoft patched months ago. Since we force all security related updates to our client computers three times a week, you were inoculated against this virus months ago and may not have even realized it.
So what should I do if I don’t have a smart firewall or LRT AV?
The classic methods of protecting against ransomware still apply to this infection. Here is what you need to check if you don’t have the above solutions:
- Make sure Windows is patched and up-to-date. We understand how frustrating it is when you want to reboot your computer and it takes 10 minutes because of pending updates. That said, you need those updates. Windows computers are surprisingly secure when they are updated fully so let those updates flow! If you don’t have updates turned on, run a manual update and install all security updates ASAP.
- Get offsite backup with some sort of retention. Offsite backup solutions have become surprisingly affordable in recent years. They are the best insurance out there against any type of data loss including a ransomware infection. If you need help, just give us a shout and we will get you set up.
Ransomware is a serious threat to any network but by taking a few easy precautions and using the right solutions, it is a threat that is easily avoided.