NotPetya: Ransomware or Not, Prevention is Better than Cure
It has been almost a week since the NotPetya malware outbreak has happened. The malware, which hit Ukraine and some other European countries last Tuesday, was initially reported to be a ransomware that could cause much more damage than WannaCry, the ransomware which lashed across over 150 countries in mid-May. But then, experts, after analyzing the scenario, came out with statements explaining that the Petya ransomware, which they had started referring to as NotPetya, might not be ransomware at all. They opined that NotPetya is more of what you call a “wiper”.
Well, ransomware or wiper, NotPetya has taken many organizations as well as individuals by surprise. Many have lost their data, forever. Financial losses have been incurred. Day-to-day operations of many organizations have been affected. What’s to be done? Experts can help you take the next step and plan things if by any chance you’ve been affected. Yet, in the light of the NotPetya outbreak (and the WannaCry outbreak and all other ransomware attacks), it has to be said, very emphatically, that prevention is the best thing to be done. Prevention indeed is better than cure!!!
There are different ways in which you could try preventing a malware strike, any malware strike. Let’s discuss here the basic measures that can be taken by anyone- individuals as well as organizations- to prevent potential malware (includes ransomware, wipers etc) strikes…
- Never hesitate in using the necessary security software- antivirus, SSL certificate, endpoint security software, POS security programs, firewall etc. The very basic firewalls can protect you from many malware. Just take a look at this video which shows how firewall software could even protect you from NotPetya.
- Make sure you have a good backup of your all your data. Update the backup regularly. It’s to be remembered that of late ransomware perpetrators sometimes don’t decrypt files even after the ransom is paid. Thus valuable data could be lost in case of a ransomware strike. It’s always good to have a backup of all data.
- Password management has a very important role to play. Passwords should always be strong and it’s also advisable to change passwords regularly. It would also be good if there are different passwords for different accounts/programs.
- Employee Training plays a key role. Employees should be trained on different aspects of security and also on how to tackle security breaches if they occur. They should be made to understand that small mistakes that they could make, like for example clicking on a wrong link or downloading an unnecessary file could lead to major malware strikes.
Rachel Weisz21 Posts
Rachel Weisz is a network security expert/analyst and is an author of many blogs/articles on internet security.