According to the old saying, “fool me once, shame on you, fool me twice, shame on me.” Reports are rapidly surfacing of another massive ransomware attack involving, Russia, Ukraine, Spain, France, India and the UK similar to the attack of only a few weeks ago that used the WannaCry malware. The new malware, which appears to be a variation of the Petya malware is being called GoldenEye and it is demanding bitcoin ransoms from banks, government agencies and companies in the attacked countries. The malware appears to exploit the same Microsoft Windows Operating System flaw called EternalBlue which was made public by hackers of the National Security Agency.
This is a problem that should not have happened for many reasons. The particular Microsoft vulnerability that this ransomware exploits has been patched, but some companies, government agencies and individuals had not yet installed the patches when they had become available recently. In addition, many of the affected computers were using outdated Windows operating systems, such as Windows XP which are no longer regularly updated with new security patches. These older unsupported systems should not be used by anyone. Microsoft has taken the unprecedented step of providing security patches for these unsupported systems now in addition to its already issued security updates for presently supported Microsoft programs. Here is a link to an important memo from Microsoft with links to free security updates if you are still using one of those older operating systems.
This ransomware attack was primarily launched using phishing emails to lure unsuspecting people into clicking on links or downloading attachments tainted with the GoldenEye ransomware. As I am constantly reminding you, never click on links or download attachments until you have confirmed that they are legitimate.
You also should update all of your electronic devices with the latest security updates and patches as soon as they become available, preferably automatically.
As for protecting yourself specifically from ransomware, you should back up all of your data in at least two different platforms, such as in the Cloud and on a portable hard drive. Companies and agencies which can afford to do this, should also use Whitelisting software which prevents the installation of any unauthorized computer software programs.
I will update you as further developments occur.