Security advice in the wake of WannaCry and Not(Petya)

Posted by   Martijn Grooten on   Jun 30, 2017

The recent outbreaks of WannaCry and (Not)Petya have left many users and organizations understandably confused about what to do and how to fend off such attacks. Thankfully, security experts are always happy to give advice. I decided to collect together and compile a list of the most important, and most frequently given, advice.

  • Always install software patches, especially those fixing security issues – but be aware that some 'security fixes' are fake and actually install malware, and that sometimes, as in the (Not)Petya case, update mechanisms may be compromised to serve malicious updates.
  • Only open attachments in emails from people you know – but note that cybercriminals may forge email addresses from people in your address book, or may compromise their email accounts to send malicious emails, so even if an email appears to have come from someone you know, it may not have done.
  • Never enable macros when you are asked to do so – although, to get Adobe Reader to print a PDF document you just downloaded, you will need to ignore the warning and click "Enable All Features".

adobeenableallfeatures.png

 

  • Make sure you keep regular backups to which you have easy access in case of a ransomware infection – but note that the easier it is for you to access your backups, the easier it will be for ransomware to encrypt your backups too.

  • Never pay the ransom – although be aware that, in some cases, paying the ransom may be your only chance of getting your data back.

  • Always upgrade to the latest version of the operating system you are running – although note that software that may be essential to the running of your business or organization may not be compatible with recent operating systems.

  • Follow the advice of security experts – but note that security experts are known to disagree with each other.

Security. It's complicated.

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

VB2018 preview: hacking cars

In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners and manufacturers. On today's blog we preview two VB2018 papers, by…

Where are all the ‘A’s in APT?

In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.

VB2018 preview: commercial spyware and its use by governments

Today, we preview three VB2018 presentations that look at threats against civil society in general and the use of commercial spyware by governments for this purpose in particular.

VB2018 preview: Wipers in the wild

Today we preview the VB2018 paper by Saher Naumaan (BAE Systems Applied Intelligence) on the use of wipers in APT attacks.

VB2018 preview: IoT botnets

The VB2018 programme is packed with a wide range of security topics featuring speakers from all around the world. Today we preview two of them: one by Qihoo 360 researchers on tracking variants of Mirai and one by researchers from Bitdefender on the…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.