Thousands of businesses, enterprises, and banks in Ukraine and other parts of Europe were attacked by the ransomware in June 2017. Ukrainian police warn people to prepare for next wave of the huge volume of NotPetya-like cyber attack.
Secret Service of Ukraine (SBU) announced that the main attack against Ukrainian-based government institutions and private companies will take place on Defender of Ukraine day in October.
SBU noted that the cybercriminals will use a malicious software similar to NotPetya in the attack.
Similarly, the hackers of the mentioned ransomware applied similar method which is compromising MeDoc (the updated equipment for Ukrainian financial software provider) and swapping it with an update combining the NotPetya malware.
NotPetya turned off machines of Ukrainian-based government and businesses. Once it hit Ukraine the virus was spread out in Eastern Europe.
Russia was accused of the NotPetya attacks. However, it disagreed with accusation and any involvement in the attack.
The Ukraine Secret Service advised businesses and government institutions to prepare for the attacks, inform employees and protect machines and networks against any intrusion.
SBU notifies about preparing for a new wave of large-scale attack against the state institutions and private companies. The basic aim—to violate normal operation of information systems, that may destabilize the situation in the country. The SBU experts received data that the attack can be conducted with the use of software updating, including public applied software. The mechanism of its realization will be similar to cyber-attack of June 2017.
The recommendations in order to protect computers against large-scale cyber attack provided by SBU included:
- Make sure the signatures of antivirus systems and security software are updated on all computers in the network;
- Create backups of data and information processed by the computers;
- Provide upgrades and updates to any systems software and operating systems.
It is quite difficult to discover supply chain attacks and prevent them. Thus, consumers are advised to create backups or a separate storage or drive in order to keep important files safe. In addition to that, it is necessary to train the staff to be vigilant and suspicious before opening and downloading files, clicking on links from unknown senders and so on.
Finally, always make sure to use trustful antivirus software on the system. The reliable Internet Security system will detect and remove any unwanted software and malware intrusion before it compromised the device. Make sure the security suite is always updated for the latest infection-detection.