HPE Software is now Micro Focus
HPE Software is now Micro Focus
Protect Your Assets
cancel

Petya: Another ransomware attack highlights need for threat intel and backups

Petya: Another ransomware attack highlights need for threat intel and backups

Security_Guest

Blog post by Travis Grandpre
Director of Product Marketing, ArcSight

 

Yet another ransomware campaign is attacking enterprises. Every day brings ransomware.jpgnew information from the security research community on the techniques and tactics of this attack. In his blog on June 28th, Optiv’s John Hyatt does an excellent job of outlining measures to combat Petya and other ransomware variants.

While initial primary targets appeared to be financial institutions in the Ukraine, the attack is spreading globally using EternalBlue and other lateral propagation techniques. Hyatt also mentions the Optiv finding that “Petya’s delivery method was centralized around the MeDoc financial software, as well as a watering hole delivered via a Ukrainian university. Unless your organization uses MeDoc or a user visited the watering hole, your threat landscape is greatly reduced.”

And it seems that Petya may just be a façade for another attack. Some reports even say that you actually can’t get the data back. So what should be done about ransomware?

Here are our recommendations: 

Please post your comment if you have further advice for your colleagues in the industry.

 

  • Threat Intelligence
About the Author

Security_Guest