Leading Australian cloud security technology company FirstWave Cloud Technology Ltd has confirmed that the new “Petya” malware has not breached its cloud-based security platform.
The new “Petya” ransomware in the current attack was using the same exploit, a program that takes advantage of a software vulnerability, as “WannaCry”. The exploit, EternalBlue, was leaked by the Shadow Brokers hacker group in April and is thought to have been developed by the US National Security Agency.
These malware attacks, such as today’s ‘Petya’ ransomware, ‘WannaCry’ ransomware and the recent ‘Adylkuzz’ attack continue the sophistication and frequency of attacks to Australian small- and medium-sized businesses (SMBs) by destroying vital business information and IT systems.
FirstWave CTO, Simon Ryan, commented: “Once again another example of the huge increase in cyber risk so SMBs need to ensure they have enterprise-grade quality cloud security across all threat vectors including email, web and firewall solutions.
“We see the attackers are following the same basic pattern as the recent WannaCry attack, however by focusing the encryption process on file metadata and master boot record rather than using a data first approach, like WannaCry, this new ransomware has evolved to be more effective at completing the encryption process and locking out the users.
“We will continue to monitor this attack and their various strains to ensure protection for our customers and provide updates accordingly. Companies also need to be vigilant and ensure all software security patches are installed and up to date.”
The increase in malware detections validates the effectiveness of FirstWave’s cloud security tools, and demonstrates that SMBs face a growing business risk from malicious software penetrating traditional security defences, thereby compromising their customers, systems or data.
FirstWave is well-positioned to protect against this growth in malware by offering SMB customers a suite of comprehensive, integrated enterprise-grade cloud-based solutions spanning email, web and next-generation firewall, which incorporate world-leading security technology.