Contrary to what some people think, a dependable managed services provider in Darwin does not just sit and wait for something to go wrong with business computer systems before hustling to fix computer and network errors. It also takes plenty of work, and staying up to date with current tech news, to deploy preventive measures effectively.
Here are the latest updates in the technology industry that managed services teams in Darwin should be aware of.
Beware of These Ransomware Strains
A few months ago, managed services providers in Darwin had the Petya ransomware to contend with. This malicious software targets and encrypts the master file table (MFT) of NTFS hard drive partitions and replaces the master boot record (MBR) with malicious code. The infected computer cannot boot; instead it displays a ransom note instructing the user to pay a certain amount to regain access to the infected machine.
In previous versions of Petya, the attackers' success rate was not as high because the malware could not always obtain elevated privileges through the user account control (UAC) mechanism, which it needed in order to affect the boot system. It was easier for managed services teams in Darwin to clean infected computers once they had been detected, so cyber attackers decided to turn it up a notch. Petya was then tweaked to run alongside the Mischa ransomware, which does not require special privileges to encrypt files and asks for a ransom of nearly 2 bitcoins, or about $880 USD (higher than comparable ransomware). Mischa also encrypts executable files, not just documents, videos, pictures, and other types of files. This leaves the operating system non-functional, which makes it more challenging to pay the ransom directly from the infected computer. It also means having to wipe the hard drive and reinstall the operating system, unless you or your managed services team in Darwin created a backup image of the drive before it was infected with the malware.
Managed services teams in Darwin should look out for fake job application spam emails that deliver the malicious installer files. These emails link to a file storage website that supposedly hosts a photo of the alleged job applicant, along with a malicious executable disguised as a PDF file. Once the file is downloaded and opened, it automatically tries to install Petya, and if it fails to gain the special privileges needed to affect the master boot record, it will then resort to installing Mischa.
Malwarebytes, a security firm, recently warned the tech world of another ransomware that affects the master boot record and user files: the Satana malware. Managed services providers in Darwin and around the globe are now closely monitoring business systems and networks so they can quickly detect this aggressive new ransomware that attacks Windows computers. In contrast to Petya, Satana does not affect the MFT; it directly replaces the MBR with its own malicious code and stores an encrypted version of the infected computer’s original boot record so that it can restore it after the ransom has been paid. The infected computer will not be able to boot, but it is easier for managed services teams in Darwin to fix, or at least relatively easier than computers infected with Petya, which also encrypts the MFT.
Satana first encrypts files with specific file extensions on the infected computer and then waits for the user to reboot, which is when it alters the MBR. The user will then see a ransom note on the screen demanding half a bitcoin, or around $350 USD, in payment. The user would have to use another computer to pay the ransom. Tech-savvy users may be able to rebuild the MBR via Windows recovery and the boot recovery tool, but it takes a fair amount of time working at the Windows command line. It is during times like these that enterprises can fully appreciate the hard work of their managed services providers in Darwin. Imagine how much valuable data might have been lost and how much money would have been spent paying ransom for an office full of infected computers.