Recover from the Petya Cyber Attack

Cyber attackers are continuously evolving their methods of intrusion. Organizations must stay ahead of them to remain protected.

Navigant’s global Cybersecurity practice predicted that 2017 was going to be year of the cyber attack. Little did we realize that prediction underestimated the severity of the problem. Barely a month after hackers leaked tools stolen from the U.S. National Security Agency, an attack using the same tools took place.

Cyber attackers are continuously evolving their methods of intrusion. Organizations must stay ahead of them to remain protected. No longer is it enough for organizations to implement technology and hope it will solve their problems; cybersecurity is a process of continuous improvement.

The good news is that simple steps can often protect an organization against many attacks.

Immediate risk mitigation:

  • Ensure all infected hosts are isolated from the network so the problem cannot spread to other hosts.
  • Monitor activity to the following IP addresses and domains associated with the attack.
  • Malware MD5 signatures
  • Anti-virus solutions currently have a low detection rate of the infection; as such organizations, should consider restricting email and file attachments where appropriate
  • Ensure all security solutions are patched to the latest version and are using the latest definitions for an increased chance of detection of potential infection.
  • All machines should be upgraded immediately, since the ransomware has the potential to use the EternalBlue Vulnerability to spread throughout a network.
Learn more

About the Experts

Back to top