A little more than a month after the WannaCry malware infected systems around the globe, a new ransomware epidemic locked screens this week, first in Ukraine, then the US, Russia, Germany, Australia and beyond.
The ransomware is a hybrid of the previously known Petya virus, and spread by the EternalBlue vulnerability in Microsoft, the security hole exploited by WannaCry and patched by Microsoft earlier this year; the new Petya can also take over administrative credentials and run itself on local LAN computers.
A single unpatched PC “could result in a massive compromise of the local network regardless if all of the rest of the PCs are up to date and patched,” says Kryptos Research, the cybersecurity firm that found the “kill switch” for WannaCry. “That makes Petya very dangerous the moment it gets in your network.”
Another deeply troubling puzzle: As ransomware, this latest Petya is a flop—the email address to pay the ransom was quickly disabled—leading many to question if its makers built it purely for destruction, with ransomware as the cover.
Two global attacks in a little over one month…Clearly now would be a good time to assess the vulnerability of your organization to ransomware, and plan a cost-effective ransomware defense.
In this 30-minute recorded webinar, RiskLens VP Professional Services Chad Weinman and Senior Risk Consultant Isaiah McGowan discuss how information security teams can gather data, analyze potential threat events and losses, and model scenarios with the goal of presenting to senior management a solid action plan on ransomware.