Cyber Safety for Employees – Petya and WannaCry Update

PetyaPetya . . . the latest in encrypting Ransomware

Petya, WannaCry and variants have attacked thousands of computers, hundreds of companies and is causing havoc in cyberspace. It seems there is no end to the mischief these outbreaks have caused. Adding insult to injury, victims cannot pay the ransom because the email address to confirm payment has been shutdown by authorities. But, you can avoid the disaster by using some common and computer sense.

Separating truth from hype

It is so hard to know what is real. You can read all the available information and still have no idea how to protect your computer. Often it seems the best thing to do is just turn off all your electronics, but there must be a better way. There is if you take precautions.

Update your operating system

If you are still using XP and Server 2003, update your operating system. Unless you have a compelling reason, like legacy software, to use a non-supported operating system, upgrade it. In the unique circumstance where you are bound to use an out-of-date OS, make sure it is not accessible from your network or the Internet and that you have the highest level of security and monitoring available.

Keep your systems patched

Even current, supported operating systems and applications need patching. As vulnerabilities are uncovered and new features are added, software vendors will issue patches. Basically, there are two types of patches, critical and non-critical. Always apply critical patches.

In a rare move, Microsoft issued patches for non-supported operating systems to combat the WannaCry outbreak. The malware used a vulnerability deep in the operating system that could be patched.

Become an expert on how to detect a phishing attack

Whether an email, IM, phone call or website, something that tricks you into doing something that gives up your personal information or grants access to your computer is a phishing attack. As you can imagine, the name comes from fishing. You bait a hook and see what you get. It is not surprising that so many people are taken in by phishing scams. The scams are quite plentiful and the bait looks like the real thing. Phishing is the number one way of delivering ransomware. Learn how to spot them and avoid being a victim. Remember, just like learning anything, it takes practice to spot phishing and other online scams. Keep your eyes open and be vigilant.

For more information, see our article: Cyber Security for Employees – Phishing

Have a current, offline backup

Take a moment to review your backup strategy. There are only two questions that you need to answer:

  1. Is your backup current?
  2. Do you have an offline copy of your backup?

If you answered no to either of these questions, stop right now and fix your backup. For more information, see our article: Data Backup – Easy as 3-2-1

Err on the side of caution

If you have any doubt, stop. Get someone to look at it with you. Think about it. Look at it again. Remember, the phisher is hoping you will act impulsively, not rationally. Often, if you look harder at phishing attempts the scam becomes clear. Take a second look, it could prevent the nightmare of identity theft and ransomware. If you believe an email or other communication may be legitimate, contact the company directly to inquire before doing anything.

If you see something suspicious, report it. Merchants, banks and law enforcement should be contacted if you suspect your identity has been stolen. Phishing can be reported to US-CERT at phishing-report@us-cert.gov, the Anti-Phishing Working Group at reportphishing@antiphishing.org, FTC at spam@uce.gov or the Internet Service Provider/Registrar.   If you see something that concerns you and want to discuss, you can contact at our HelpDesk at 770 662-0312 or email HelpDesk@lansystems.com.

About Mary

Mary is the CEO of LAN Systems. She is an electrical engineer who feels her greatest strength is the ability to connect with people. LAN Systems provides IT managed services and solutions to growing companies and non-profit organizations. You can contact Mary at mary@lansystems.com.

Speak Your Mind

*