Dubai PR Network, Online Press Release from Dubai and Middle East
 
New Ransomware Attack – “Nyetya”
 

Interview with Scott Manson, Cyber Security Leader for Middle East and Turkey, Cisco

Introduction:
Cisco’s security research organization Talos’ initial analysis of the global ransomware worm attack that has affected multiple organizations worldwide points to the attack starting in the Ukraine, possibly from software update systems for a Ukrainian tax accounting package called MeDoc. This appears to have been confirmed by MeDoc itself. MeDoc is a widely used tax software used by many organizations in or doing business with Ukraine. There have been other reports of this attack appearing in France, Denmark, Spain, the UK, Russia and the US. 

Once this ransomware enters your system, it uses three ways to spread automatically around a network, one of which is the known Eternal Blue vulnerability, similar to how last month’s WannaCry attack unfolded.

What’s clear from this, and recent attacks, is that organizations must prioritize patching systems to lower their risk profile. We have to patch as quickly as we can. In addition, making back-ups of key data is a fundamental of any security program.

What can you tell us about the attack?

  • Today we saw our second ever ransomware worm, coming on the heels of WannaCry last month
  • This ransomware outbreak has affected multiple organisations in several countries today. Cisco’s security research organisation Talos is actively investigating this new malware variant.
  • This new ransomware variant encrypts the master boot record (MBR) of a system. Think of the MBR as the table of contents for your hard drive – clearly very important.
  • Talos’ initial analysis points to the attack starting in the Ukraine, possibly from software update systems for a Ukrainian tax accounting package called MeDoc. 
  • This appears to have been confirmed by MeDoc itself. MeDoc is a widely used tax software used by many organisations in or doing business with Ukraine. There have been other reports of this attack appearing in France, Denmark, Spain, the UK, Russia and the US. 
  • Once this ransomware enters your system, it uses three ways to spread automatically around a network, one of which is the known Eternal Blue vulnerability, similar to how last month’s WannaCry attack unfolded.

What is ransomware?

  • A type of malware that locks down your computer/system and takes control/encrypts your data and demands a ransom

What is bitcoin?

  • A cryptocurrency used online
  • Bitcoin is not controlled by any one government or state
  • Because it allows for anonymity, it is ideal for attackers

Do we know what organisations were impacted?

  • Reported victims so far include Ukrainian infrastructure like power companies, airports, public transit, and the central bank, as well as Danish shipping company Maersk, pharmaceutical company Merck, the Russian oil giant Rosneft, and institutions in India, Spain, France, the United Kingdom, and beyond.

How did this attack start?

  • Cisco’s security research organization Talos’ initial analysis points to the attack starting in the Ukraine, possibly from software update systems for a Ukrainian tax accounting package called MeDoc. This appears to have been confirmed by MeDoc itself. MeDoc is a widely used tax software used by many organizations in or doing business with Ukraine.

How is it spreading?

  • Once this ransomware enters your system, it uses three ways to spread automatically around a network, one of which is the known Eternal Blue vulnerability, similar to how last month’s WannaCry attack unfolded.

How is this different to WannaCry? Is there a ‘killswitch’ for this attack?

  • This ransomware doesn't seem to incorporate the errors that hindered WannaCry from spreading. Specifically, this attack doesn't seem to have a kill switch function. It is also harder to detect since it moves within a network. It is not scanning the internet like WannaCry did.

Who is responsible for this attack?

  • Attribution is difficult in attacks like this
  • Cisco is focused on understanding the attack and protecting our customers

What is Cisco’s recommendation for customers to protect against this?

  • Ensure your organisation is running an actively supported operating system that receives security updates.
  • Have effective patch management that deploys security updates to endpoints and other critical parts of your infrastructure in a timely manner
  • Run anti-malware software on your system and ensure you regularly receive malware signature updates
  • Implement a disaster recovery plan that includes backing up and restoring data from devices that are kept offline. Adversaries frequently target backup mechanisms to limit the possibilities a user may be able to restore their files without paying the ransom.
  • If vulnerabilities aren’t patched, an organisation will continue to be at risk for infection by this ransomware.

Posted by : Dubai PR Network Editorial Team
PR Category : Technology
Posted on : Thursday, June 29, 2017  12:02:00 PM UAE local time (GMT+4)
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of DubaiPRNetwork.com.