Posted on Jun 26, 2017
Just recently, we wrote about how in the aftermath of the WannaCry attack, companies should keep their guard up and be prepared for similar ransomware attacks: Enter the Petya attack.
The Petya family of malware is a ransomware variant that encrypts both the files and the partition of the hard drive, displaying a bootup message to the user. In other words, it’s the revenge of WannaCry- a bigger, badder attack with global reach.
But what really makes this attack interesting is: 1) yet again, hackers are leveraging the NSA’s exploit kits, and 2) machines running Windows 10 can also be infected this time around.
The SecurityScorecard research team performed an analysis of our proprietary data last week and found that there was SMB/Port 445 scanning activity that gives us insights on the Petya attack.
The spike of this scanning activity over the weekend may indicate that infections were attempting to automatically propagate across the internet. Additionally, this also may show a renewed interest by researchers who, like our team at SecurityScorecard, were working on identifying exploitable conditions before the malware strikes. The quick downturn after June 24th shows us that security practitioners may be quickly cleaning up their machines.
Immediate Lessons Learned:
The SecurityScorecard research team is currently running another global internet scan as well to identify exploitable conditions. Stay tuned for another update within the next 72 hours.
Our SecurityScorecard team did a follow up look at this attack and found the following:
Vendor management is the process an organization utilizes to assess and manage a third- or fourth-party vendor. Learn how SecurityScorecard can help.
Performing cybersecurity risk assessments is a key part of any organization’s information security management program. Read our guide.
Templates and vendor evaluations are needed to level that playing field, in a time efficient and fair way, so that the best vendors are chosen.
Co-founder and CEO, Alex Yampolskiy, speaks about the importance of measuring and acting on key indicators of cybersecurity risk.
You’ve invested in cybersecurity, but are you tracking your efforts? Check out our list of 20 cybersecurity KPIs you should track. Read more.
No waiting, 100% Free
Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.