The two key ways to ensure that an organization survives the recent ransomware attacks include all systems, including servers, client machines, and networking gear have up-to-date patches and second, data backups are made regularly, and data restoration is tested, said an industry leader.

Companies should also regularly conduct Vulnerability Assessments and Penetration Tests (VA/PT), to ensure that rogue malware and traffic can’t get into the infrastructure, and that no malicious data can leave unchecked, said Managed, a Dubai-based leading provider of online threat management solutions.

This should be coupled with frequent user security awareness training exercises, it added.

Managed FZ-LLC is responsible for making sure that companies large and small in the UAE are not exploited by this new ransomware threat. Managed has been busy helping large customers assess the overall security of their IT infrastructure with the Radius VA/PT service, as well as perform packet analysis to see what exactly is going through their networks – in order to ensure a secure IT environment.

In addition, Managed sent an alert to its customers via its proprietary Managed Security Threat Advisory service – in advance of mainstream media, so that they can be forewarned and prepared.

Two months after one of the worst ransomware attack in history was conducted via WannaCry, a newer, more dangerous version is out in the wild. Security researchers have called it Petya, and it’s even more devastating than WannaCry. Petya has some of the same characteristics of WannaCry, including using the notorious EternalBlue exploit for Windows.

The only difference with Petya is that, according to one well-known security researcher, it is currently spreading over local networks. This threat of a more advanced WannaCry that could be spread through phishing and spammy emails and links should be enough to seriously alarm IT managers.

One of the main reasons as to why WannaCry and now Petya are so successful in their infection is because of unpatched systems.

According to Krebson Security, Microsoft did release a patch for EternalBlue exploit in March, but only a few companies took the time to install the patch and update their systems. The many that didn’t were the victims of WannaCry, and now Petya.  – TradeArabia News Service