In the wake of the international WannaCry ransomware attacks, reports have recently surfaced that another attack, potentially related to an existing strain of malware called Petya, has been infecting computer systems throughout Europe and the United States.
While little is currently known about the new ransomware, it bears a striking resemblance to the WannaCry attacks in that each infected user must pay the equivalent of $300 in the cryptocurrency Bitcoin before regaining access to their files.
“Today’s attack hit critical infrastructure—finance, transportation, manufacturing and more,” Michael Kaiser, executive director of the National Cyber Security Alliance (NCSA), said. “It is much more than an inconvenience. We are more dependent than ever on the data stored across our computer systems.”
Kaiser continued, stating that keeping devices secure started with basic cyber hygiene around software updates and locking down logins.
“Prevention is clearly the goal,” Kaiser said. “However, organizations and individuals should also be prepared to respond to and recover from an attack to minimize downtime and disruptions.”
In order to prevent future cyber attacks for organizations, the NCSA said a good starting point would be to implement the National Institute of Standards and Technology’s Cybersecurity Framework. Currently used by multiple departments within the U.S. government, the framework’s provisions address specific issues related to threat identification, protection, detection, response, and recovery.
The organization has also offered steps that individual users could take in order to make their personal devices more secure including updating critical software as soon as new versions are available, making strong authentication passwords and usernames, conducting regular system backups, and checking with software vendors for any potential vulnerabilities.