NotPetya, WannaCry and Locky Named Among Nastiest Ransomware of 2017

Ransomware is one of the hottest topics in recent cybersecurity news, and with good reason. These threats are both pervasive and expensive. According to a recent survey of 500 managed service providers, nearly 90 percent of MSPs report their clients were hit by ransomware in the last year. In addition to the cost associated with any ransoms, 60 percent of MSPs reported spending multiple days remediating the fallout of a ransomware attack. And on top of that, 1 in 8 MSPs reported having paid the ransom themselves.

So, how do you protect your clients (not to mention your own MSP business) from a damaging ransomware attack? Per cybersecurity provider Webroot, one of the first steps is staying on top of threat-related news and trends. Webroot recently published their top 10 nastiest ransomware variants of 2017 list, and a lot of the names will come as no surprise to you.


NotPetya Ransomware.png

Without question, NotPetya is one of the nastiest ransomware variants out there. According to senior threat research analysts at Webroot:

NotPetya was designed to do as much damage to the Ukrainian infrastructure as possible. Not only did it shut down Ukrainian power plants, banking services, and supermarkets, but NotPetya also infected hundreds of thousands of computers in over 100 countries.


WannaCry ransomware.png

No doubt you’ve heard of this one too, given the amount of media coverage it got. WannaCry was the first ransomware to cause such widespread damage, infecting hundreds of thousands of victims in just a day. Had a security researcher in England not discovered the kill switch domain, WannaCry could’ve been exponentially more destructive.


Locky ransomware.png

Locky is probably the king of spam emails, able to reach millions of users a day. Hollywood Presbyterian Medical Center in Los Angeles, one of the first large organizations Locky hit, paid around $17,000 to get their files back.

Check out the full Top 10 List in this infographic.

How You Can Help Stop Ransomware

Here are four tips Webroot recommends to protect your clients from the threat of ransomware.

1. Educate Users

As their MSP, you should aim to teach them:

  • Not to open emails from unknown senders with attachments or URLs
  • Not to open the attachments or URLs, even if they open the emails
  • How to spot suspicious emails, even when they appear to be from reputable contacts

2. Maintain Multi-Vector Protection

  • Implement reliable cloud-based antimalware, web filtering, and firewalls
  • Patch applications regularly, such as Adobe Reader, Java, and other plugins
  • Prevent user error with ad and pop-up blockers

3. Put Your OS to Work

  • Set up Windows® OS policy restrictions
  • Block VSS and disable Windows Script Hosting (VBS)
  • Filter executables (.exe) from emails whenever possible 

4. Back up, Back up, Back up

  • Use a secure, cloud-based backup service regularly
  • Set up offline air gap backups with multiple copies of each file
  • Maintain up-to-date business continuity and disaster recovery strategies 

Handpicked for you:

Discover the latest crypto ransomware threats and how to protect your end users

Learn more about how Webroot helps MSPs protect their clients the smarter way with their award-winning solutions: