An overnight ransomware cyber attack has hit some 100 countries and this morning began filtering through to Australian businesses.
Among the big names to be hit were the US pharmaceutical company Merck, Russia's state oil company Rosneft, the shipping conglomerate Maersk and the UK-based advertising and public relations firm WPP.
SophosLabs has determined that new variants of Petya ransomware (also known as GoldenEye) are behind the massive online attack.
Defensive measures Here’s what cyber security experts are urging computer users to do right now:
Avoid opening attachments in emails from recipients you don’t know, even if you work in HR or accounts and you use attachments a lot in your job.
Ensure you have downloaded the latest updates from Microsoft and have the latest patches, including the one in Microsoft’s MS17-010 bulletin.
Consider blocking the Microsoft PsExec tool from running on users’ computers. A version of this tool is used as part of another technique used by Petya to spread automatically. You can block it using a product such as Sophos Endpoint Protection.
Back up regularly and keep a recent backup copy off-site. There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.
If you don't currently have anti-ransomware software, it can be purchased for as little as $3.99 monthly per machine - no lock in contracts. Call (02) 9194 4299.