Should You Be Worried About Petya?

by Scott McPheeters, Chief Security Officer, Healthx

No doubt, you’ve heard all about the recent Petya ransomware attack. A cyberattack believed to have originated in Ukraine, Petya is believed to be rooted in tax accounting software from a Ukrainian company. The malware encrypts files on an infected computer, making them inaccessible unless the user pays a ransom of approximately $300 in bitcoin, a digital payment system. Unless the user pays the ransom, the computer’s files and hard drives remain inaccessible. The attack on June 27 targeted companies in at least 65 countries. Scary stuff.

This certainly isn’t the first cyberattack of this kind. The recent “WannaCry” ransomware outbreak affected 150 countries. Like Petya, it demanded $300 in bitcoin to release the computer. The good news is that a “kill switch” was identified with WannaCry that was used to shut it down. No such kill switch has been found with Petya, although experts are working feverishly to find a way to stop it. Even worse, recent evidence suggests that Petya is not ransomware at all but a “wiper”; that is, a virus that will simply destroy the disk. REALLY scary stuff.

The recent malware and ransomware attacks target out-of-date systems that have not been updated with fixes, either at the enterprise or individual computer level. Attacks seem to be mainly in Ukraine, but companies across Europe and the United States were affected, including pharmacy giant Merck and Pennsylvania’s Heritage Valley Health System, proving that nobody is immune.

So what can you do to protect yourself?

  • First and foremost, you must stop attempts to spread Petya using the EternalBlue exploit. EternalBlue exploits a Microsoft vulnerability that was patched by Microsoft in March 2017 – see MS17-010 for details. WannaCry was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems, so Windows 10 PCs are not affected by this attack. Make sure you run the patch on all computers across your network.
  • Keep all your operating systems, firmware and software updated.
  • Be cautious of emails from unrecognized senders, and especially those with attached documents that could be used to launch the attack.
  • Make backup copies of your data frequently to ensure you don’t lose it. When making copies, do not store them on your local network.

So what are we at Healthx doing?

As we mentioned in a recent blog post, security is a non-stop obsession with us. On any given day, we hear about new threats, new malware and new attacks. As such, we are constantly addressing security concerns.

These efforts are not limited to our technical staff. We have ongoing dialog with our operations teams and company leadership, which means we have buy-in across all areas and levels of the organization. When we have a unified approach like this, we have a unified commitment and prioritization where security is concerned. We recommend our customers take the same approach with their own organizations.

When developing our software, security is an integral part of the process from day one. And that carries through until code is put into production and beyond.

Testing, testing, testing. We conduct penetration testing repeatedly to identify any vulnerabilities. Given how quickly things can change, we don’t think that’s enough. We also try to find other vulnerabilities. For instance, we will send our own phishing emails to our staff to ensure we are not putting ourselves at risk.

Finally, we work with our customers to make sure we’re meeting their specific needs. Our customers decide who has access to specific functions and when to use two-factor authentication, and they can see what information has been seen and by whom.

Update often. Test always.

There may be reasons you want to delay updating your systems, but when you delay, you put your enterprise at risk. This is what the cyber villains are hoping for. Make sure you are updating your systems and test your vulnerabilities continually. The costs to health plans can be catastrophic. Make security among your highest priorities. It’s what we do at Healthx every single day.