Guard against Petya ransomware

          A recent variant of    Petya ransomware, known as “ExPetr” or “NotPetya” or “GoldenEye”, is spreading rapidly across the world this week. Similar to the earlier WannaCry malware, the recent attack utilizes the EternalBlue exploit against the MS17-010 vulnerability to attack unpatched Microsoft Windows-based workstations and servers.

          If you’re a Zyxel ZyWALL USG user and are using Anti-Virus and Intrusion Detection and Prevention (IDP) services, please follow the steps below to guard against the attacks:

          1.   Apply the  Microsoft MS17-010 patch on your Microsoft systems, if you haven’t done yet 

          2. Enable the Intrusion Detection and Prevention (IDP) service

              When someone attempts to make use of the Microsoft MS17-010 exploit to start the attack, the IDP service is in place to prevent it from happening. If     your ZyWALL USG device is running on firmware version ZLD 4.25, make sure your IDP signature is updated to version above. For those with     ZyWALL USG firmware ZLD 4.20 or earlier, please update to IDP signature version or above.3. 

           3. Enable the Anti-Virus/Anti-Malware service

              Gateway Anti-Virus catches malware at its first point of entry, preventing it from spreading across the internal network. Make sure your Anti-Virus     signature is updated to version or above.

          Fighting malware is a never-ending battle. Find out more tips here to defend your data from ransomware attacks. Please contact us if you require further information or assistance.