Learn about the attack and how SonicWall is leading the cyber arms race

Once again, the cyber arms race continues to evolve with this latest massive global ransomware attack called Petya. On, June 27, 2017 SonicWall Capture Labs began tracking a high number of Petya ransomware attacks against SonicWall customers. Petya as a malware payload is not new. In fact, we reported in the 2017 Annual SonicWall Threat Report that it was second only in the number of infections we noted last year only out of luck. The good news for SonicWall customers that are using our security services is that we have had signatures for certain variants of Petya since March 2016. Then, in April 2017 Capture Labs analyzed and released protection for the Eternal Blue exploit that Shadow Brokers leaked from the NSA.

We strongly urge our SonicWall customers who are not managed by our services to take action immediately:

• Ensure that their next-generation firewall has a current active Gateway Security subscription, in order to receive automatic real-time protection from known ransomware attacks such as Petya. Gateway Security includes Gateway Anti-virus (GAV), Intrusion Prevention (IPS), Botnet Filtering, and Application Control.
• Deploy SonicWall Deep Packet Inspection of all SSL/TLS (DPI SSL) traffic to identify and block all known ransomware attacks. Enabling DPI SSL also allows the firewall to examine and send unknown files to the SonicWall Capture Advanced Threat Protection (ATP) service for multi-engine sandbox analysis.
• Ensure that their SonicWall email security subscriptions are active, as 65% of all ransomware attacks happen through phishing emails.

The combination of the SonicWall Capture Threat Network and SonicWall Capture ATP sandboxing provides the best defense against newly emerging hybrid attacks such as Petya.

DANSLENUAGE.QUEBEC offers the following services for business customers who want to have better protection:

• Free analysis of your practices and systems against major ransomware attacks.
• Upgrade of customers’ firewall to the latest gen 6 SonicWall product, from SonicWall or another technology.
• DPI-SSL and ATP deployment.
• ATP services for existing SonicWall customers on a monthly basis.
• Managing of your SonicWall services on a monthly basis.
• AntiSpam solutions from different vendors.

Customers are invited to consult the SonicWall blog for updates regarding this threat and for any questions related to SonicWall protection against this threat.

• This article is extracted from the official SonicWall Blog.