Petya Attack And Unpatched CVE’s
he headlines are back just six weeks after WannaCry. Petya, a malware that was identified in early 2016, has reemerged using the same EternalBlue exploit to spread through networks. And unfortunately, Petya’s affecting way too many companies. Some of which have had to cease operations.
So here’s the question, how many attacks need to happen before you decide it’s time to deploy patches?
Cyber attacks and malware look for the path of least resistance to get into your network. Too often those vulnerability paths have been well known for months yet remain unpatched, leaving clients and servers vulnerable. If something as simple as patching can protect a business from losing millions and damaging their reputation - why doesn’t everyone do it? Because it’s long been considered to be a pain in the ass. Some small companies don’t even bother with patching because they have too much on their plate already and they are willing to take the risk.
That’s no surprise, patching is a needlessly cumbersome process. It’s time and resource intensive, free tools are complicated and don’t always work the way they are supposed to, existing solutions don’t work across all OS’s not to mention they’re expensive and still require manual intervention, the amount of 3rd party software is impossible to keep up with, distributed workforces need VPN or a secure cloud option to stay updated, and the list goes on.
Even with these concerns, IT managers know that at some point they have to patch since it’s critical to maintaining a secure infrastructure. That’s why patching is at the top of IT manager’s list of tasks they want to operationalize. To truly focus on the most critical network vulnerabilities, IT managers need to automate repetitive tasks like patching and updating systems.
This is why we created Automox, to offer companies of any size a fast, simple, and affordable patching solution. We’ve automated the entire patching process for every OS and software you use, reducing the time spent on patching by more than 90% for our customers. From identification to remediation, patches can be applied in minutes, not months.
Malware like Petya relies on people running outdated operating systems or unpatched operating systems. Once inside a network malware can multiply rapidly. According to HackerFantastic, "Petya ransomware successful in spreading because it combines both a client-side attack (CVE-2017-0199) and a network based threat (MS17-010)." And, anti-virus alone is not enough protection. A VirusTotal scan showed that only 16 of 61 anti-virus services can successfully detect the Petya malware.
It’s easy to be overwhelmed with best practice recommendations, yet there are three key pillars that form the basis upon which all other security tools rest - antivirus, backup, and patching. For many, maintaining backups and running a current antivirus product are the norm, but, as noted above, keeping systems and software patches up to date is ignored or forgotten far too often. With automated platforms like Automox it doesn’t have to be that way.
To make sure you’re protected against Petya, apply the patches for EternalBlue (MS17-010), disable the file-sharing protocol on SMBv1 on your Windows servers and systems, and disable Windows Management Instrumentation Command-line (WMIC).
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trialof Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.