Petya Attack And Unpatched CVE’s

The headlines are back just six weeks after WannaCry. Petya, a malware that was identified in early 2016, has reemerged using the same EternalBlue exploit to spread through networks. And unfortunately, Petya’s affecting way too many companies. Some of which have had to cease operations.

So here’s the question, how many attacks need to happen before you decide it’s time to deploy patches?

Cyber attacks and malware look for the path of least resistance to get into your network. Too often that is known, yet unpatched, CVE’s. We believe this avenue should be shut down for good. That’s why we created Automox, to offer companies of any size a fast, simple, and affordable patching solution.

Sure patching has long been considered to be a pain in the ass. That’s no surprise, it’s a needlessly cumbersome process. A lot of small companies don’t even bother with patching because they have too much on their plate already and they are willing to take the risk.

We get it, the process is manual, free tools are complicated and don’t always work the way they are supposed to, testing patches before deploying them requires setting up a canary environment to ensure nothing breaks, existing solutions provide some relief but they are expensive and still require manual intervention.

Even with these concerns, IT managers know they have to patch since it’s critical to maintaining a secure infrastructure. That’s why patching is at the top of IT manager’s list of tasks they want to operationalize. They need to be able to focus on what really matters and be confident that patches are up to date. The answer is patch automation.

Here at Automox, we’ve automated the entire patching process, reducing the time spent on patching by more than 90% for our customers. From identification to remediation, patches can be applied in minutes, not months.

Malware like Petya rely on people running outdated operating systems or unpatched operating systems. Once in they multiply rapidly. According to HackerFantastic, “Petya ransomware successful in spreading because it combines both a client-side attack (CVE-2017–0199) and a network based threat (MS17–010).” And, anti-virus alone is not enough protection. A VirusTotal scan showed that only 16 of 61 anti-virus services can successfully the Petya malware.

In addition to anti-virus, make sure you are backing up your data, and implement an automated patch management solution that protects you before the malware is released. From set-it-and-forget-it simplicity to automating workflow, Automox wants to help you get your patches current and keep them that way.

To make sure you’re protected against Petya, apply the patches for EternalBlue (MS17–010), disable the file-sharing protocol on SMBv1 on your Windows servers and systems, and disable Windows Management Instrumentation Command-line (WMIC). 
If you’re interested in learning more and want to talk, let’s set up some time to see how we can help. To try Automox risk free, sign up for a free 15 day trial that provides full access to the patching platform. There is no limit to the number of systems you can add and no credit card required.

As originally published on automox.com