Security advice in the wake of WannaCry and Not(Petya)

Posted by   Martijn Grooten on   Jun 30, 2017

The recent outbreaks of WannaCry and (Not)Petya have left many users and organizations understandably confused about what to do and how to fend off such attacks. Thankfully, security experts are always happy to give advice. I decided to collect together and compile a list of the most important, and most frequently given, advice.

  • Always install software patches, especially those fixing security issues – but be aware that some 'security fixes' are fake and actually install malware, and that sometimes, as in the (Not)Petya case, update mechanisms may be compromised to serve malicious updates.
  • Only open attachments in emails from people you know – but note that cybercriminals may forge email addresses from people in your address book, or may compromise their email accounts to send malicious emails, so even if an email appears to have come from someone you know, it may not have done.
  • Never enable macros when you are asked to do so – although, to get Adobe Reader to print a PDF document you just downloaded, you will need to ignore the warning and click "Enable All Features".

adobeenableallfeatures.png

 

  • Make sure you keep regular backups to which you have easy access in case of a ransomware infection – but note that the easier it is for you to access your backups, the easier it will be for ransomware to encrypt your backups too.

  • Never pay the ransom – although be aware that, in some cases, paying the ransom may be your only chance of getting your data back.

  • Always upgrade to the latest version of the operating system you are running – although note that software that may be essential to the running of your business or organization may not be compatible with recent operating systems.

  • Follow the advice of security experts – but note that security experts are known to disagree with each other.

Security. It's complicated.

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2019 paper: Operation Soft Cell - a worldwide campaign against telecommunication providers

Today we publish the VB2019 paper by Cybereason researchers Mor Levi, Amit Serper and Assaf Dahan on Operation Soft Cell, a targeted attack against telecom providers around the world.

VB2019 paper: A study of Machete cyber espionage operations in Latin America

At VB2019 in London a group of researchers from the Stratosphere Lab at the Czech Technical University in Prague presented a paper in which they analysed and dissected the cyber espionage activities of an APT group in Latin America through the…

VB2019 paper: The push from fiction for increased surveillance, and its impact on privacy

In a paper presented at VB2019 in London, researchers Miriam Cihodariu (Heimdal Security) and Andrei Bogdan Brad (Code4Romania) looked at how surveillance is represented in fiction and how these representations are shaping people's attitudes to…

VB2019 paper: Oops! It happened again!

At VB2019 in London industry veterans Righard Zwienenberg and Eddy Willems took a detailed look at the relationship between past and current cyber threats. Today, we publish both their paper and the recording of their presentation.

Job vacancy at VB: Security Evangelist

Virus Bulletin is recruiting for a person to be the public face of the company

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.