WARNING – New Ransomware Cyber Attacks

News is coming in today of Ransomware Cyber Attacks across the world

According to recent news reports, there have been more wide spread cyber attacks.  It is reported that this new strain, main be aiming at the same exploit used by  – get patched, NOW!

 

*******UPDATE**************UPDATE**************UPDATE**************

UPDATE: 28.06.17 – for Sprout Clients:

  1. FIREWALLS – Managed Firewall customers have been protected from this threat or over a year. Ourcombination of the SonicWall Capture Threat Network and SonicWall Capture ATP sandboxing provides the best defense against newly emerging hybrid attacks such as Petya.
  2. EMAIL – This new malware appears to arrive via a Microsoft Word document in an email and is then able to spread rapidly to other machines on the network using the same ExternalBlue exploit used by WannaCry last month. Mimecast Targeted Threat Protection – Attachment Protect can help detect and block the infected Word document email attachment, thereby preventing any infection by this ransomware via email. For customers without Targeted Threat Protection, the anti-virus engines in Mimecast’s Secure Email Gateway have signatures to detect this current variant of Petya.

*******UPDATE**************UPDATE**************UPDATE**************

According to the FT “Companies attacked include WPP, Rosneft, Maersk, US pharmaceutical company Merck and DLA Piper, the law firm, among those that had confirmed they had been hit by Tuesday afternoon.”

Do not open or forward any suspicious emails. If you have any queries, or concerns, please contact us via support@sproutit.co.uk or call; 0207 036 8530

 

Here are 5 quick wins, which will instantly make your practice safer and more resilient.

  1. Software Patching
    1. Automate your patching and cover as many vendors as possible. This time it sounds like a Microsoft vulnerability, but often it is Java or Adobe.
    2. Install patches regularly, as soon after release.
  2. Email Security
    1. Employ email security to scan inbound URLs (web addresses). This technology keeps you safe regardless of the device or location, from which you access emails, and click on any links.
  3. Web Security
    1. Configure your perimeter security, to analyse your web traffic in real time. If you accidentally visit a nefarious website, this technology will detect, and drop, and malicious payloads.  A well configured firewall, will also prevent your machine from ‘calling home’ back out to the internet, should you somehow get infected.
  4. Backup
    1. Have a robust, and well tested, backup process. If the worst happens and you are ‘ransomwared’, you can simply recover your data from a backup.  Still painful, but much less costly!
  5. Train, Train, Train
    1. People don’t like to hear it, but we are the weakest links – the humans. Train yourself and your colleagues, to spot threats and avoid traps.  The Bar Council and the ICO tell us we should all complete annual awareness training – start now, and you will also be ticking a GDPR
The following two tabs change content below.
Matt Torrens

Matt Torrens

Matt enables law firms & barristers' chambers to achieve competitive advantage & peace of mind, through innovative use of best-of-breed technology, award winning services and obsession with service excellence.
Matt Torrens

Latest posts by Matt Torrens (see all)