IT Security Guru

Petya, WannaCry and Mirai: 4 steps to protect yourself from the new normal

by The Gurus
August 10, 2017
in This Week's Gurus

In the past year alone, cybercriminals have upped their game when it comes to high-profile global attacks, with Mirai, WannaCry and Petya all occurring one after the other. The effects have been devastating to some of the world’s largest economies and industries. However, despite the media attention, this is not a new phenomenon. The ILOVEYOU worm and Code Red were both huge attacks, in some cases affecting far more devices and organisations than these latest attacks. On top of this, the spread of WannaCry and Petya was quickly restrained, unlike the worms we’ve seen in the past. Now more than ever, the new digital economy means that organisations rely on data as an essential resource and a vital source of revenue.
Attacks like Mirai were able to capture tens of thousands of IoT devices, such as DVRs and digital CCTV cameras, using the known device passwords which had been installed by their manufacturers. The attackers were then able to accumulate these devices and weaponise them to take out a huge section of the Internet, across the globe.
WannaCry was at the forefront of a new type of ransomware/worm hybrid, known as a ransomworm. It used a Microsoft exploit created by the NSA and publicly released by a hacker group known as the Shadow Brokers. Ransomworm attacks deviate from the usual ransomware method of selecting a specific target, relying instead on functionality which allows them to spread rapidly across the globe, compromising thousands of organisations and devices.
Shortly after, we saw the emergence of a new ransomworm, known as Petya. This new malware used the same worm-based approach as WannaCry – even down to exploiting the same vulnerability – however, this time the payload was much more potent, allowing it to wipe data off a system and even modify a device’s Master Boot Record, leaving the device completely unusable. Considering that there was very little financial reward for the perpetrators of this attack, it’s safe to say that this attack was more focused on taking machines offline than on ransom payloads. A machine availability ransom such as Petya is likely to become a much bigger problem in the future when spreading as a rapid ransomworm.
It is widely believed in the security industry that attacks such as WannaCry and Petya were just an initial test for vulnerabilities, with the worst yet to come. This could just be part of an insidious opportunistic strategy of targeting newly discovered vulnerabilities with massive, global attacks and increasingly malicious payloads. This could be the start of a new wave of global cyberattacks.
A New Hope…
The sheer scale and scope of these attacks may leave organisations feeling powerless and vulnerable. But there are a number of things that they can do to stay safe.

  1. Patch and replace

Network and device hygiene are basic security steps, but are still widely neglected. The WannaCry ransomworm targeted vulnerabilities which Microsoft had already patched two months before. A month later, Petya was able to exploit the exact same vulnerability, to devastating effect. In fact, most successful cyberattacks target vulnerabilities which are, on average, five years old.
Keeping devices patched and updated is so simple and painless that organisations must get into the habit. Any device which is too old to patch must be replaced.

  2. Know your network inside and out.

Of course, it’s impossible to patch devices on your network if you don’t know about them. That is why you need to invest time and technology to identify every device on your network and determine what its purpose is, what traffic passes through it, how old it is, what OS and patch level it is running, and who or what devices have access to it.

  3. Implement an integrated security system.

Some of these attacks target IoT devices that simply can’t be patched or updated. That is why you should also implement security tools which can see and stop the latest threats at multiple places in your network.
But given that networks now span a vast range of devices, users, and applications deployed across multiple ecosystems, isolated tools monitoring traffic that passes a single point in the network are no longer adequate.

  4. Segment your network.

Dividing your network into functional segments isn’t a new concept. However, as with patching, most organisations still fall at this hurdle. They tend to have flat, open networks, and once the perimeter has been breached, malware becomes disastrous.
As trends in remote working show no signs of slowing, organisations are seeing their perimeters disappear, which makes securing the network especially challenging. Some of the weakest sections of the networks are IoT devices, so it’s imperative that these are assigned to a separate, secure network away from the main ecosystem. This way, your organisation stands the best chance in the event of a breach. A segmentation strategy designed to meet the security demands of complex networked environments is key for any organisation.
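
The four steps above can be checked against an asset inventory. The following Python sketch is an added example, not part of the original article: the CSV columns, the 10.0.9.0/24 IoT segment, the 30-day patch threshold and all hosts and dates are constructed assumptions.

```python
import csv
import io
from datetime import date
from ipaddress import ip_address, ip_network

# Constructed sample inventory; every host, address and date is made up.
INVENTORY_CSV = """ip,name,kind,patchable,last_patched
10.0.1.10,fileserver,server,yes,2017-07-20
10.0.1.22,hr-laptop,workstation,yes,2017-02-01
10.0.1.40,lobby-cctv,iot,no,
10.0.9.41,dock-dvr,iot,no,
10.0.1.55,legacy-pos,workstation,no,
"""
# Constructed list of addresses seen on the wire (e.g. from DHCP or ARP logs).
OBSERVED_IPS = ["10.0.1.10", "10.0.1.22", "10.0.1.40",
                "10.0.9.41", "10.0.1.55", "10.0.1.77"]
IOT_SEGMENT = ip_network("10.0.9.0/24")  # assumed dedicated IoT network
MAX_PATCH_AGE_DAYS = 30                  # assumed patching policy

def audit(inventory_csv, observed_ips, today):
    """Return sorted (ip, finding) pairs for devices that break one of the steps."""
    devices = {r["ip"]: r for r in csv.DictReader(io.StringIO(inventory_csv))}
    findings = []
    # Step 2: a device you do not know about cannot be patched or placed.
    for ip in observed_ips:
        if ip not in devices:
            findings.append((ip, "unknown device: identify and add to inventory"))
    for ip, dev in devices.items():
        is_iot = dev["kind"] == "iot"
        if dev["patchable"] == "yes":
            # Step 1: patchable devices must actually be kept patched.
            age = (today - date.fromisoformat(dev["last_patched"])).days
            if age > MAX_PATCH_AGE_DAYS:
                findings.append((ip, f"patch overdue: last patched {age} days ago"))
        elif not is_iot:
            # Step 1: anything else too old to patch gets replaced.
            findings.append((ip, "cannot be patched: replace"))
        # Steps 3 and 4: unpatchable IoT stays on its own monitored segment.
        if is_iot and ip_address(ip) not in IOT_SEGMENT:
            findings.append((ip, "IoT device outside IoT segment: move it"))
    return sorted(findings)

if __name__ == "__main__":
    for ip, finding in audit(INVENTORY_CSV, OBSERVED_IPS, date(2017, 8, 10)):
        print(f"{ip:<12} {finding}")
```
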
For security professionals, a lot of this should already be on their radar. However, there is an urgency for security hygiene to be implemented in order to minimise the risk of exposure to attacks such as Petya. Executive decision-makers need to understand that without the suitable resources, training and tools in place, every organisation is at risk. As we are living more and more of our lives online, these are no longer optional security strategies, but necessities for today’s new normal.

Tags: cyberattack, cybersecurity, mirai, petya, Ransomware, tech, wannacry
© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic