Users often search for: How to protect yourself from Petya/GoldenEye ransomware? How to fix ransomware? Is there any anti-ransomware tool? How to stop Petya? How to prevent ransomware? How to tell if you have ransomware on your PC? Is there any ransomware detection software that kills ransomware? And so on...
The malware has spread into large firms and hit high-profile targets such as big multinational organizations and critical infrastructure suppliers, including the Danish transport company Maersk, the National Bank of Ukraine, DLA Piper, and the US-based pharmaceutical company Merck. It is now heading to personal computers, locking all their data and demanding a ransom.
Some authorities call this new variant “NotPetya” or “GoldenEye,” while others still call it "Petya." Whatever the name, it has already hit more than 1800 targets, and more than 12,000 systems in 63 countries worldwide are getting infected.
Protecting against Petya is the same as defending systems against any other type of malware. In short, we always need to follow some basic strategies: back up important data, keep firewalls and security software up to date, and remove suspicious tools and their services. Still, implementing robust security mechanisms is not enough if your team members are not aware of and instructed about your security rules. It could be as easy as telling them not to click on links, not to open unfamiliar websites, and to avoid opening unsolicited emails. Check the quick tips below to fix ransomware.
In case you missed it, I recently published the article "Top 12 Best Ways To Identify & Protect Against Phishing Scams | Email Phishing Prevention". Today I want to share some quick tips and simple ways to prevent ransomware viruses, including Petya or GoldenEye, and stay secure from them.
Follow the steps and make as many of the changes as you need. If you know any other way, you can share your thoughts in the comment section below.
Petya/GoldenEye/NotPetya
Like WannaCry, Petya uses the EternalBlue exploit to compromise Windows systems, particularly targeting earlier versions of the Windows operating system. It does not work like WannaCry, which encrypts your files and folders one by one; instead, Petya/GoldenEye is more serious malware with the ability to destroy the whole hard drive.
Moreover, by locking the system, it even blocks you from getting into your own machine, and you are unable to recover the ransomed files from the PC.
How does the “Petya” ransomware work?
While Petya is trying to damage your computer system, a black screen with a text message is shown on the display, and then the system is forcefully restarted to perform the encryption.
The first steps performed by Petya can easily be overlooked by the user, as they look like the Windows boot scan or system repair process. Once the malware has run and your PC has rebooted, you will see that your system is encrypted, and a message on the ransomware screen tells you to pay the ransom amount.
7 Tips To Protect Against Petya/GoldenEye Ransomware
A ransomware attack is extremely troublesome, as it locks up your valuable files and can cost you money too. So you need to stay focused and alert to any unusual and unknown activities on your machine.
Get total protection to prevent ransomware attacks like Petya/GoldenEye proactively:
1. Best way is to back up important files & folders
In the current circumstances and the fast-growing cyber world, backing up your data is of the utmost importance. An operating system can be reinstalled, and so can the software, but your data could be lost forever. The most necessary files to back up are probably your documents, pictures, music, and other user files.
Creating a backup of your valuable and important files is essential to avoid losing critical data, especially data encrypted by ransomware. It is best to build a habit of making backups frequently and correctly.
2. Fix System Vulnerability
System vulnerabilities are the preferred target of any malware attack. It's essential to keep your system updated and secure.
Check for the latest OS updates and patches for your existing Windows versions, and download and install them from the official Microsoft website. Remove older versions of Windows and their software.
3. Create and Maintain a Strong Password System
Passwords are your first line of defense against any cyber attack. A secure password helps you enhance the security of your machine by efficiently blocking malicious attacks from entering your system.
You must create your own strong, long, memorable, mixed-character passwords. Having a stronger password can make all the difference in securing your system account.
4. Disable "winmgmt - Windows Management Instrumentation."
The Windows Management Instrumentation (WMI) service starts automatically at system boot under the LocalSystem account. The "winmgmt" service can be used by Petya to spread the ransomware.
How to stop the WMI service?
Open a command prompt and enter "net stop winmgmt"
Other services that rely on the WMI service also stop, such as "SMS Agent Host" or "Windows Firewall."
More about WMI: https://docs.microsoft.com/en-in/windows/win32/wmisdk/starting-and-stopping-the-wmi-service
If the WMI service is stopped, you are no longer able to manage, monitor, or get data about the resources on the system, especially remotely.
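The stop procedure above as a PowerShell sketch that first records which dependent services will go down with WMI, so they can be brought back later. This is an added example, not part of the original article; the function names are made up for illustration, and disabling the startup type goes one step beyond the "net stop" command the article gives.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original article). Function names are
# hypothetical; run from an elevated PowerShell session.

function Disable-WmiService {
    # Services that depend on winmgmt and are running now; stopping WMI
    # stops these too, so remember them for a later restore.
    $running = Get-Service -Name winmgmt -DependentServices |
        Where-Object { $_.Status -eq 'Running' }

    # Same effect as "net stop winmgmt" with the dependents confirmed.
    Stop-Service -Name winmgmt -Force

    # Assumption beyond the article's command: keep WMI from starting
    # again at the next boot.
    Set-Service -Name winmgmt -StartupType Disabled

    return $running
}

function Restore-WmiService {
    param([System.ServiceProcess.ServiceController[]]$Dependents)

    Set-Service -Name winmgmt -StartupType Automatic
    Start-Service -Name winmgmt
    # Bring back whatever was running before WMI was stopped.
    foreach ($svc in $Dependents) { Start-Service -Name $svc.Name }
}

# Usage: keep the returned list so the change can be reverted.
$stopped = Disable-WmiService
$stopped | Select-Object Name, DisplayName
# Restore-WmiService -Dependents $stopped
```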
5. Disable "SMB1"
The original SMB1 protocol is almost 28 years old. SMBv1 is an old, deprecated network protocol, and there is a good chance of it being abused by Petya ransomware. Petya/GoldenEye uses the vulnerability in the system's SMB service to spread and perform encryption.
You can reasonably disable it to stop the Petya malware attack. But there is a chance that file and print sharing may fail to start and work on the LAN (local area network).
More about SMBv1: https://support.microsoft.com/en-us/help/2696547/detect-enable-disable-smbv1-smbv2-smbv3-in-windows-and-windows-server
If you don't wish to disable SMBv1, then follow these tips strictly:
- Only connect to secure networks and avoid sharing your valuable data and files over SMBv1 connections
- Check incoming/outgoing SMB traffic with your firewalls
- Allow SMB only to localhost (your own PC) via the local firewall
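The SMBv1 steps from this section (check the state, disable it, watch SMB traffic, restrict SMB at the host firewall) as a PowerShell sequence. This is an added example, not part of the original article; it assumes Windows 8.1/10 or later with an elevated session, and the firewall rule name is a label made up here.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original article). Assumes Windows 8.1/10 or
# later, where the SmbShare and NetSecurity cmdlets below are available.

# 1. Report the current SMBv1 state: server setting and optional feature.
[pscustomobject]@{
    ServerSMB1Enabled = (Get-SmbServerConfiguration).EnableSMB1Protocol
    SMB1FeatureState  = (Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol).State
}

# 2. Before removing SMBv1, list shares this PC currently reaches over an
#    SMB 1.x dialect; those devices will stop working afterwards.
Get-SmbConnection | Where-Object { $_.Dialect -like '1.*' } |
    Select-Object ServerName, ShareName, Dialect

# 3. Disable the SMBv1 server and remove the SMBv1 feature (fully in
#    effect after the next reboot).
Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart

# 4. If SMBv1 has to stay for now, log every SMBv1 access instead (where
#    the AuditSmb1Access setting is available). Events are written to the
#    Microsoft-Windows-SMBServer/Audit log with ID 3000.
# Set-SmbServerConfiguration -AuditSmb1Access $true -Force
# Get-WinEvent -LogName 'Microsoft-Windows-SMBServer/Audit' -MaxEvents 20

# 5. Check incoming and outgoing SMB traffic: who is connected to this PC
#    on port 445, and which remote hosts this PC talks SMB to.
Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue |
    Where-Object { $_.LocalPort -eq 445 -or $_.RemotePort -eq 445 } |
    Select-Object LocalAddress, LocalPort, RemoteAddress, RemotePort, OwningProcess

# 6. Block SMB/NetBIOS session traffic arriving from other machines.
#    The rule name is a label made up for this example.
New-NetFirewallRule -DisplayName 'Example - Block inbound SMB' `
    -Direction Inbound -Protocol TCP -LocalPort 139, 445 `
    -Action Block -Profile Any
```

The block rule in step 6 also stops this PC from serving file and print shares to the LAN, which is the side effect the section warns about.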
6. Install Powerful Antivirus To Protect System
Anyone who manages a Windows PC knows how valuable it is to have a reliable antivirus program. It is the easiest yet efficient way to block ransomware.
It is even more secure to use robust security software or a cryptolocker ransomware removal tool that installs a dedicated anti-ransomware engine with real-time protection to protect the computer against a Petya attack.
7. Follow PROBLOGBOOSTER.
Don't forget to follow the PBB newsletter, which will keep you updated and informed about new tech tips and how-to guides.
Bottom Line
Petya is an advanced piece of malware that uses various attack vectors, both modern and old. The virus causes the system to crash, and the encryption of files occurs once the computer is rebooted. The best plan to fight ransomware is to ensure the fundamental security steps are executed properly. Start by educating yourself and your team members about cybersecurity procedures and their importance, while protecting your company with the necessary steps shown above.
A quick suggestion: make sure to deploy a next-generation endpoint security solution, such as an application control system that only permits trusted software to run and make changes on your computers, so that your systems are fully protected from Petya or any future malware.