Posted on 06/27/2017 7:35:05 AM PDT by MarchonDC09122009
https://www.forbes.com/sites/thomasbrewster/2017/06/27/ransomware-spreads-rapidly-hitting-power-companies-banks-airlines-metro/#17b076ce7abd
Another Massive Ransomware Outbreak Is Going Global Fast
Security #CyberSecurity Jun 27, 2017 @ 09:44 AM
Thomas Fox-Brewster, Forbes Staff
Ransomware is causing severe problems for major critical infrastructure providers today.
Ukraine's government, National Bank and biggest power companies all warned of cyberattacks Tuesday. Airports and metro services in the country were also reportedly affected, though it appears they're victims of another massive ransomware outbreak that's spreading across the world fast and hitting a significant number of critical infrastructure providers.
(Excerpt) Read more at forbes.com ...
I’ve been personally affected by such an attack. It’s maddening.
My main work desk computer (XP Pro) would NOT BOOT UP this morning!...
Ukraine blaming Russia - of course
Russia also being hit
London seems to be affected
June 27 2017 Global Cyberattack linked to “Petya” Ransomware -
#Petya - Twitter Search
codelancer @codelancer · 1h
Russia, Ukraine, Spain, France - confirmed reports about #Petya ransomware outbreak. Good morning, America.
0x09AL @0x09AL · 43m
#Petya variant is doing lateral movement by using wmic.
SwiftOnSecurity @SwiftOnSecurity · 42m
Message from employee of international company RE: #Petya
Michal Jarski @Michal_Jarski · 2h
Huge #ransomware outbreak in #Ukraine hitting major banks and telcos... Probably some #Petya variant.
Jake Williams @MalwareJake · 50m
For those looking for the latest #Petya ransomware sample for analysis, here it is via @JFran_cbit
https://virustotal.com/en/file/027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745/analysis/
plum @chrisplummer · 1h
Don’t click on a damn thing today via email. #petya
peterkruse @peterkruse · 1h
Heads up! Several large companies hit by variant of #Petya #Ransomware. Email: wowsmith123456@posteo.net for extortion.
George Argyrakis @gargyrakis · 1h
Huge Global #CyberAttack / #Ransomware spreading right now. Probably a #Petya variant that spreads through SMB.
How do we fix this?????
Hit us yesterday via Intracoastal Waterway, Sargent, TX.
Simple Fix:
1. Malwarebytes | Free Cyber Security & Anti-Malware Software
https://www.malwarebytes.com/
Download Free Version. Run. Boom.
2. Do all Windows Updates
3. Enjoy Freerepublic worry-free, and stay off those other wacky sites like: “how to make your own KFC chicken...”
Reminds me I need to make sure all my family’s PCs are getting backed up regularly.
(CrashPlan works but, if your backup needs are more than a couple terabytes, it sure wants a lot of resources.)
By not being a target. Use something other than Windows OS. If you must have Windows OS, then run a Linux VM inside of Windows and do your email and web surfing from inside that OS. Take a snapshot of that OS once it is all set up, and restore from the snapshot anytime you suspect something is wrong.
Never use IE, nor Firefox on Windows. I would not trust Chrome on Windows either. Use Chrome or Firefox inside the VM instead.
You’re saying AFTER your PC was hit with ransomware, you were able to download and install Malwarebytes, and fix it?
I bet it’s leftists who work for big tech companies like Google who are responsible for these massive attacks.
Don’t open an email from anyone! I got an email from supposedly the post office saying my package was undeliverable. I opened it and my security software picked it up right away and blocked it. I did see the ransom part of it before it went away. They say it could lie dormant for a few weeks before it springs up at you. I am hoping that is not my case since it has been over a month and Windows 10 did a critical update.
Company level defense (at a minimum):
1) Establish a strong Infosec / Cybersecurity program. See the SANS top 20 policies
2) Strong boundary defenses (firewall / routers / VPN gateways)
3) Scan all emails (internal and external) for viruses
4) Establish an anti-phishing campaign to educate users
5) Regular backups of critical systems along with multiple snapshots of critical data
6) Regular scans of all servers and workstations for viruses
7) Maintain gold images of servers and workstations
8) Isolate the data center from internal networks via firewall that only allows specific approved connections through.
9) Shut off any unnecessary services / ports
10) Adopt monthly internal vulnerability scanning of servers
11) Adopt network-based intrusion detection / host-based for critical servers
12) Enforce the use of passphrases (12+ characters), not passwords
There are others, but that is a good start.
For home users:
Firewall / wifi router should be configured to replace the default admin password
Get a good antivirus
Get a multi-terabyte NAS drive and save your critical files to the NAS drive.
Disconnect the NAS drive when not actively backing up files
Back up at least once per week.
DON'T OPEN UNKNOWN EMAILS!!!!
Get an antivirus program (usually subscription) that includes email scanning
I’ve been hit with ransomware.
I went online at another computer and looked it up and downloaded the 2 pages of instructions on how to get rid of it.
You don’t let your PC open Windows. I forget now.
But I’m SURE this is 1000 times more complex.
This is why my desktop computer has the current version of Norton Security. One thing Norton Security does is very sophisticated heuristics analysis of malware, an analysis that automatically stops just about all “unknown” infections. Also, both Google Mail and Yahoo! Mail have the ability to immediately delete or quarantine any email with suspicious executable files.
Yeah, but that’s BEFORE you get hit...
__________________________________
Simple Fix:
1. Malwarebytes | Free Cyber Security & Anti-Malware Software
https://www.malwarebytes.com/
Download Free Version. Run. Boom.
2. Do all Windows Updates
If the death penalty for hacking and virus spreading were mandatory - and actually carried out - this crap would stop.