Numerous ongoing phishing schemes, phone scams, account breaches, and hacking campaigns are resulting in substantial losses and disruption around the world.
This barrage of attacks leaves most people feeling vulnerable and ill-equipped to protect themselves.
Here’s a sampling of news headlines from yesterday and this morning:
“Cyberattack Hits Ukraine Then Spreads Internationally,” The New York Times, June 27, 2017, by Nicole Perlroth, Mark Scott, and Sheera Frenkel.
“Global Cyberattack: What We Know and Don’t Know,” The New York Times, 27 June 2017, by Sheera Frenkel.
“Major cyber attack disrupts businesses around world,” Reuters, 28 Jun 2017 9:09 AM, by Eric Auchard, Jack Stubbs and Alessandra Prentice | Frankfurt / Moscow / Kiev.
“Ransomware Attack Raises Concerns Over Future Assaults,” The New York Times, 28 Jun 2017, by Mark Scott and Paul Mozur.
Here are some easy, inexpensive, and effective ways to protect yourself.
DEFENSE #1 – Offline Backup
Most people keep a backup drive connected to their computer. This helps ensure regular ongoing backups. However, ransomware and other viruses can attack files on attached drives, including backup drives, rendering them useless.
If you’re leaving a drive attached at all times, you should rotate that with a drive that’s not attached. In this way, you’ll always have one backup drive that isn’t connected. Most backup systems allow for multiple drives.
Cloud backup services typically have measures in place to prevent widespread attacks on multiple files. This may be done through behavior detection or through maintaining backup versions. While cloud backup services offer some advantages, they can also be very slow to back up to or restore from, so local backups are also desirable.
DEFENSE #2 – Windows and Software Updates
Computers are more vulnerable to attacks when not kept updated. Vulnerabilities in Windows and programs can leave your computer open to attack. Make sure that your antivirus software is regularly updated.
Recent Microsoft Windows updates have incorporated preventative patches and fixes that will help protect from a variety of virus and ransomware attacks. For more information, read, “No, Your Windows 10 Computer is Not Up-To-Date.”
DEFENSE #3 – Administrative Account
Set up an Administrative account on your computer that you only use for installing new software or updates. Then set your own user account to be a Standard account with limited access. This will ensure that during your daily activities your computer isn’t being operated at the administrative level. In doing so, the damage malware can do should be more limited.
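To check whether the account you use every day is still an administrator, the following PowerShell script can be run in a normal (non-elevated) window. It is an added example, not part of the original article, and assumes Windows 10 or later with the built-in LocalAccounts cmdlets.

```powershell
# Added example (not from the original article): report whether the account
# you are logged in with belongs to the local Administrators group.
# Assumes Windows 10 or later; run from a normal, non-elevated window.

# Well-known SID of the built-in Administrators group. Using the SID instead
# of the name also works on systems where the group name is localized.
$adminGroupSid = 'S-1-5-32-544'

# Identity and SID of the account running this script.
$me    = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$mySid = $me.User.Value

# Direct members of the Administrators group. Members that are themselves
# groups are listed but not expanded, so review any 'Group' rows by hand.
$admins = @(Get-LocalGroupMember -SID $adminGroupSid)

# Checking group membership (rather than the current token) gives the right
# answer even when User Account Control is hiding admin rights until elevation.
if ($admins.SID.Value -contains $mySid) {
    Write-Warning "$($me.Name) is an administrator. Switch it to a Standard account for daily use."
} else {
    Write-Output "$($me.Name) is a Standard account."
}

# List every account that holds administrative rights so unexpected entries
# stand out. The built-in Administrator account normally appears here.
Write-Output "Accounts with administrative rights on this computer:"
$admins |
    Select-Object Name, ObjectClass, PrincipalSource |
    Format-Table -AutoSize
```

The ideal result is a Standard account for yourself, with only the dedicated Administrative account and the built-in Administrator account in the list.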
DEFENSE #4 – Maintain Multiple Computers
You may wish to have an additional computer to conduct sensitive tasks such as banking or shopping. A computer that is used less frequently is less likely to be exposed to threats. It can also remain off, or disconnected from the Internet when not in use. It can contain only the programs needed (if any) to get your essential work done. Reducing the number of installed programs and utilities reduces the breadth of exposure to attacks.
A computer dedicated to checking email, social media, and reading news can be used but not contain critical files. If used more frequently, it will have greater exposure to possible threats, yet not contain anything you care about.
DEFENSE #5 – Use Hardened Systems
Viruses are written for Windows computers because they are a bigger target and offer greater rewards or a greater promise of damage, harm, loss, injury, and disruption to as many people as possible.
Some systems, either by design or by intention, are less susceptible to attacks. For example, Linux and Apple computers simply can’t run many of the .EXE program files designed to infect your computer.
Apple iOS devices like iPads and iPhones use locked-down operating systems that are only accessible through the App Store as a secure gatekeeper for incoming programs. Software sent via malicious email attachments simply can’t be installed.
While not entirely impervious, such systems offer a significant increase in protection. You’ll still need to be vigilant and alert when reading emails to make sure you don’t click on any fake links that lead to phishing websites.
DEFENSE #6 – Proactive Eradication
As a world community, we’re churning out vandals, crooks, drug dealers, mercenaries, child soldiers, terrorists, and cyber criminals at an alarming rate. These are not a group of lone operators, but the product of organizations with their own ideologies that drive their members to believe their manifesto is the only way. These organizations are actively recruiting new members. They feed on those who are disillusioned, vulnerable, insecure, lacking in confidence, without hope, and without a support network. The tools and methods used by these organizations have changed, but the overall goal seems to be the same. What we’re witnessing now is an increase in terrorist activities and massive cyber attacks. They are growing in scope, frequency, and impact.
We need to create a world where we eradicate the conditions that allow these organizations to thrive.
DEFENSE #7 – Build Communities and Opportunities
We need to create communities and opportunities that are more alluring than what the ‘world destroyers’ can offer.
There are many effective initiatives currently being implemented. One example of many is Nuru International, an organization founded by a former Marine platoon commander who wanted to do more to eliminate terrorism in the world — by eliminating poverty and hopelessness that terrorism relies on. We need to support organizations and initiatives like this one that create a more hopeful world.
A few hours after publishing the above article, Malwarebytes issued the following release, which provides further insights into the latest wave of cyber attacks.
A new strain of ransomware, a Petya-esque variant being called Petya/NotPetya, is swiftly spreading across the globe today, impacting tens of thousands of computers as of 2:00 p.m., PST. More powerful, professional, and dangerous than last month’s WanaCrypt0r attack, the Petya-esque ransomware uses the same EternalBlue exploit to target vulnerabilities in Microsoft’s operating system. However, unlike WanaCrypt0r, this ransomware instructs you to reboot your computer and then locks up your entire system. Long story short: if you get this infection, you’re hosed.
We’re alerting you to reassure you that if you’re currently using the premium version (or the premium trial) of Malwarebytes with real-time protection turned on, you are protected from this threat. Our premium technology blocks the Petya-inspired ransomware before it can encrypt your system. (The free version of Malwarebytes, however, does not protect you against this attack. To see which version you have, open up your Malwarebytes software and look for the version name at the top of the window.)
If you’re not currently using the premium version of Malwarebytes, we recommend that you update your Microsoft Windows software immediately. Microsoft released a patch for this vulnerability in March. You may access the patch here. We also recommend you be extra vigilant about opening emails, as one suspected method for spreading this infection is through infected Office documents delivered via spam.
If you’re thinking about paying the ransom for this threat ($300 in Bitcoin per PC)—don’t bother. The email service that hosted the address where victims were instructed to send payment has closed the account. So at this point trying to pay the ransom will result in a returned email. However, the attackers may provide their victims with alternative forms of payment transactions.
Cyberattacks at a global scale seem to be happening more and more frequently. At Malwarebytes, we pledge to keep our customers and readers informed. Your safety is our number one priority.
The Malwarebytes team
P.S. Learn more about this threat here.