Petya, Goldeneye or NotPetya. Specialists are not even sure about the origin of the attack
Just a month ago, WannaCry struck and crippled the health care system in England, stopped production at an automobile manufacturer and caused chaos at the German railroad organisation. Now there is a new so-called “Encryption Trojan”, and its origin is uncertain. Some say it is a variant of Petya, others call it Goldeneye or even NotPetya.
However, this attack seems to be taking place on a larger scale. Apart from really big companies such as the world’s largest shipping company Maersk, the DAX group Beiersdorf, the aircraft builder Antonov or the Rosneft oil company, the attack also affected the decommissioned nuclear power plant in Chernobyl. As was reported, the electronic radiation monitoring failed and only manual measurements could be carried out.
What’s next? When is the next attack? Who will be affected next time?
When will IT security officers in companies react and finally equip themselves effectively against this type of attack? Everyone should have realized by now that an antivirus solution and a firewall are no longer sufficient.
Effective protection is simple: application control with a whitelist of approved applications. This is a very useful extension for any antivirus tool, as it can stop not only known but also unknown viruses. And it is exactly this additional function that helps particularly well against ransomware.
But how does application control work? Imagine you would like to regulate access to your company. Would you give the doorman 350,000,000 photos of all known criminals worldwide? And also describe to him the patterns that make someone who is not on this list suspicious, for example because he is wearing a mask or has an empty purse with him? Alternatively, you could give the doorman the list of 20-30 people who are allowed to enter the building; all others have no access and can be added to the list only after a review. I think you’ll agree that this path is not only easier, but also significantly safer. And this is how application control works.
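The doorman comparison above, written out as an added example that is not part of the original article: the same four files are checked once against a blocklist of known-bad hashes and once against a default-deny allowlist with a review queue. Identifying files by SHA-256 hash is an assumption made for this sketch, and the class names and sample byte strings are constructed for illustration.

```python
import hashlib

def digest(binary: bytes) -> str:
    return hashlib.sha256(binary).hexdigest()

# Constructed byte strings standing in for executable files.
APPROVED_APP = b"constructed: approved payroll client"
KNOWN_MALWARE = b"constructed: sample the antivirus vendor already knows"
UNKNOWN_MALWARE = b"constructed: new sample with no signature yet"
NEW_TOOL = b"constructed: legitimate tool that has not been reviewed"

class Blocklist:
    """Antivirus-style policy: everything runs unless its hash is known bad."""
    def __init__(self, known_bad):
        self.known_bad = {digest(b) for b in known_bad}

    def may_run(self, binary: bytes) -> bool:
        return digest(binary) not in self.known_bad

class Allowlist:
    """Application control: nothing runs unless its hash was approved."""
    def __init__(self, approved):
        self.approved = {digest(b) for b in approved}
        self.pending_review = set()   # denied hashes waiting for a reviewer

    def may_run(self, binary: bytes) -> bool:
        h = digest(binary)
        if h in self.approved:
            return True
        self.pending_review.add(h)    # default deny, but keep a record
        return False

    def approve(self, binary: bytes) -> None:
        h = digest(binary)
        self.pending_review.discard(h)
        self.approved.add(h)

def compare_policies():
    """Return {sample name: (blocklist verdict, allowlist verdict)}."""
    samples = {"approved_app": APPROVED_APP, "known_malware": KNOWN_MALWARE,
               "unknown_malware": UNKNOWN_MALWARE, "new_tool": NEW_TOOL}
    blocklist = Blocklist([KNOWN_MALWARE])
    allowlist = Allowlist([APPROVED_APP])
    return {name: (blocklist.may_run(b), allowlist.may_run(b))
            for name, b in samples.items()}

if __name__ == "__main__":
    for name, (bl, al) in compare_policies().items():
        print(f"{name:16} blocklist={bl!s:5} allowlist={al}")
```

The unknown sample passes the blocklist but is denied by the allowlist; the unreviewed legitimate tool is also denied until someone calls approve() on it, which is the review step the doorman comparison describes.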