Petya Ransomware Security Notice Update

it security

Following the recent Petya outbreak, we are reaching out to confirm the following:

Important notice / recommendations:

Current landscape:

  • All customers under a BLUE Profile Managed Service agreement are showing as protected and no concerns
  • Sophos customers using Intercept X should ensure they have CryptoGuard and master boot record protection enabled
  • To further reduce the risk of the infection spread, Sophos Endpoint customers can ensure that Adware/Potentially Unwanted Applications (PUA) detection is enabled and that the”PsExec” tool is not authorized or excluded.
  • SonicWall confirms enabling DPI SSL allows firewalls to examine and send unknown files to the SonicWall Capture Advanced Threat Protection (ATP) service for multi-engine sandbox analysis and customers with an active Gateway Security subscription are protected
  • Check Point SandBlast, SandBlast Agent and Anti-Bot protects against Petya ransomware and Loki Bot
  • Check Point IPS protects against the relevant SMB vulnerabilities
  • If you are a Forcepoint customer please consult the following Knowledge Base Article to identify what course of action may be suitable for your product: http://support.forcepoint.com/KBArticle?id=000012832

Further reading can be found at the following partner websites:
Sophos: http://community.sophos.com/kb/en-us/127027
SonicWall: http://blog.sonicwall.com/2017/06/locky-then-wannacry-now-petya-is-this-the-new-normal-in-cyber-security/
Webroot: http://www.webroot.com/blog/2017/06/27/petya-based-ransomware-assaults-global-networks/
Mimecast: http://www.mimecast.com/blog/2017/06/petya-ransomware–an-action-plan-to-improve-your-cyber-resilience-against-this-latest-mass-outbreak/
Check Point: http://blog.checkpoint.com/2017/06/27/global-ransomware-attack-spreading-fast/
Fortinet: http://www.fortinet.com/corporate/about-us/petya-ransomware.html
Forcepoint: http://blogs.forcepoint.com/insights/forcepoint-statement-june-27-worldwide-ransomware-attack-petya
F-Secure: http://safeandsavvy.f-secure.com/2017/06/27/petya-ransomware-outbreak/
IBM X-Force: http://securityintelligence.com/petya-werent-expecting-this-ransomware-takes-systems-hostage-across-the-globe/
Malwarebytes: http://blog.malwarebytes.com/cybercrime/2017/06/petya-esque-ransomware-is-spreading-across-the-world/
Bitdefender: http://labs.bitdefender.com/2017/06/massive-goldeneye-ransomware-campaign-slams-worldwide-users/

Sophos have provided a free trial for Intercept-X for additional protection, which also includes Sophos Clean.

Additional Trials available: Click for more

Download a Free Anti-Ransomware Kit from Sophos at: Download Anti-ransomware Kit

Please contact us if you require immediate guidance / assistance on 0116 218 2120 or via email to: support@blueprofile.co.uk

About BLUE Profile:
Founded 20 years ago, BLUE Profile is an independent IT Support, Consulting, Security & Infrastructure Managed Service Provider working with customers to Transform, Secure, Maintain and Simplify their IT infrastructures. As a Trusted Advisor, we help reduce risk, complexity and cost whilst delivering increased efficiency and agility across the business.

We provide an agnostic and holistic approach to secure solutions partnering with world renown vendors including:
Sophos | SonicWall | Check Point | Fortinet | Forcepoint | F-Secure | Mimecast | Lumension | Ivanti | IBM | HPE | Malwarebytes | Bitdefender

Subscribe / Unsubscribe:

  • Opt-in and subscribe to the NEW monthly News & Views service and receive a copy of 2017 SonicWall Annual Threat Report
  • follow us on twitter
  • follow us on LinkedIn