WannaCry Ransomware: It lives among us

It is a fact. WannaCry lives in our midst and is still a major threat to companies and organizations. Learn how to protect yourself effectively.

WannaCry, also known as WannaCrypt, first appeared in May 2017, when it hit high-profile targets around the world en masse. Some of the first major attacks, on 12 May, targeted the UK National Healthcare System, the transport company FedEx and the Spanish mobile telephony service Telefonica.

The ransomware caused chaos by exploiting a significant Windows vulnerability, allowing attackers to access systems, encrypt data, and demand ransom payments to decrypt and recover that data.

After two years, WannaCry is still a threat. As experts now warn, a significant number of companies and organizations are still vulnerable to WannaCry because they use older computer systems, owing to a lack of security investment and a general lack of security skills.

As researcher Andrew Morrison points out, "WannaCry is clearly a threat to a large number of unsupervised systems. Malicious agents can now easily detect unsupported systems and direct WannaCry to conduct targeted attacks."

But this is not new. In fact, WannaCry used the same system as its predecessor, NotPetya. The toolkit that was used, stolen from the NSA, continues to pose a threat, as it can be used to create new variants of the attack. "While the patches that have been released are successfully experiencing the NSA and WannaCry toolkits, their use of new vulnerabilities is still a threat. Users believe they are safe because they did patch what they saw, but the threat evolved using the same set of tools and it can hit again."

In particular, based on data obtained from Shodan, there are more than 400,000 devices in the US that are still vulnerable to WannaCry. Systems used primarily in construction and industrial control are at particular risk, as many of them run older versions of Windows (or, in general, run on Windows, which certainly strengthens the threat). Companies are reluctant to proceed with system updates because the process may interfere with production capabilities.

What should companies do about it?

To stay a step ahead of the threat, organizations should audit their systems so that vulnerable ones are updated, and then look for tools and policies to make this practice more effective. A good example is moving towards greater automation of update procedures.

The second part is recovery procedures. Organizations are trying to prepare their systems, data and business processes to withstand attacks through "air-gapped" recovery solutions, so as to have an entry point that is clean and unaffected by threats.

The basic concept of an air gap model is simple. If the data cannot be accessed, then it cannot be infected or destroyed. A simple implementation of this model typically involves keeping backup copies of data on a storage system that is offline and therefore cannot be reached from any public network.

This ensures that there are no vulnerabilities to exploit, and the data remains secure because malware cannot propagate to it, which allows safe storage of critical data and system recovery without loss if needed.


The author allows you to copy this text only if you cite the source (SecNews.gr) with an active link (live URL) to the article.