As if ransomware and Windows updates weren’t already challenging enough, a new threat pretends to be the latter but delivers the former.
If your organization has been in the process of deploying (or considering to deploy) Windows 10, then you already know about the issues regarding Microsoft’s shift to cumulative updates and the problems with third-party applications they’ve already caused at some companies.
Even if you’re not moving to Windows 10, you may still be affected by changes Microsoft is making to how it delivers updates to Windows 7 and Windows 8.1. And if you haven’t already, you should read the sagacious guidance offered in blog posts on these and related subjects by LANDESK Director of Product Management Stephen Brown and Senior Product Manager Chris Goettl.
In addition, you’ve doubtless heard and read about—or maybe even been affected by—ransomware.
Most ransomware infiltrates computer systems, locates and encrypts critical files, then demands payment of a ransom for access to the keys needed to restore access to those files. A recent variant, known as “Hitler ransomware,” threatens to encrypt critical files, but in reality, deletes them. (Read more about this variant in blog posts by me and Stephen.)
And now, there’s Fantom. Once it gets into a system, it looks and acts like a legitimate critical Windows update. As reported by Lawrence Abrams of BleepingComputer.com and others, it even displays a realistic-looking screen that says the updates are being configured.
What’s really going on, though, is that the software is busily encrypting all the files it can find. It then displays a poorly written ransom note.
Once that note appears, victimized users have no choice but to pay the ransom and hope that they receive the decryption keys promised by that ransom note. And that those keys actually restore access to all of their files, and that the malware infection doesn’t result in further mayhem.
This is only one recent variation on the ransomware theme. Others can be at least as disruptive to your users and your business, if not more so. A ransomware variant known as “Petya,” for example, ignores your files and goes directly after the master boot records and file tables that govern access to entire hard drives.
All of this is why we’re having a ransomware update webinar on September 14, featuring Stephen Brown and Principal Product Manager Eran Livne. (Eran’s also written some sagacious and helpful guidance for combatting ransomware, as have other members of the LANDESK team. You can browse, read, and share these in our ransomware archive.)
It’s also why we continue to evolve our solutions for fighting ransomware. In the webinar, Stephen and Eran will describe some specific upcoming enhancements to LANDESK Security Suite that can help you to defeat even the newest ransomware variants, and keep your organization’s computers and users productive and operational.
Get and stay ahead of the bad guys developing and distributing ransomware. Protect your organization, its users, and its critical information. Start now by registering for the webinar today!
Also, be sure to get your free copy of our most popular white paper below.