Guard against Petya ransomware

A recent variant of Petya ransomware, known as “ExPetr”, “NotPetya” or “GoldenEye”, is spreading rapidly across the world this week. Like the earlier WannaCry malware, it uses the EternalBlue exploit against the MS17-010 vulnerability to attack unpatched Microsoft Windows-based workstations and servers.

If you’re a Zyxel ZyWALL USG user and are using Anti-Virus and Intrusion Detection and Prevention (IDP) services, please follow the steps below to guard against the attacks:

  1. Apply the Microsoft MS17-010 patch on your Microsoft systems, if you haven’t done so yet

  2. Enable the Intrusion Detection and Prevention (IDP) service

    When someone attempts to use the Microsoft MS17-010 exploit to start the attack, the IDP service blocks the attempt. If your ZyWALL USG device is running firmware version ZLD 4.25, make sure your IDP signature is updated to version 3.2.4.055 or above. For those with ZyWALL USG firmware ZLD 4.20 or earlier, please update to IDP signature version 3.1.4.267 or above.

  3. Enable the Anti-Virus/Anti-Malware service

    Gateway Anti-Virus catches malware at its first point of entry, preventing it from spreading across the internal network. Make sure your Anti-Virus signature is updated to version 2.0.1.678 or above.
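
To check several devices against the signature minimums in steps 2 and 3, the following added example (not Zyxel code) audits an inventory of ZyWALL USG records. The record field names and the sample inventory are constructed for illustration; firmware versions for which this advisory names no IDP minimum are flagged for manual review rather than guessed.

```python
# Added example (not Zyxel code): audit USG records against the advisory's minimums.
# Record field names and the sample inventory are constructed for illustration.

def ver(s):
    """'3.2.4.055' -> (3, 2, 4, 55); compare numerically, never as strings."""
    return tuple(int(p) for p in s.strip().split("."))

AV_MIN = "2.0.1.678"                      # Anti-Virus signature minimum
IDP_MIN_ZLD_425 = "3.2.4.055"             # IDP minimum on ZLD 4.25
IDP_MIN_ZLD_420_OR_EARLIER = "3.1.4.267"  # IDP minimum on ZLD 4.20 or earlier

def idp_minimum(firmware):
    """IDP minimum for a ZLD version, or None if the advisory names none."""
    fw = ver(firmware)
    if fw == ver("4.25"):
        return IDP_MIN_ZLD_425
    if fw <= ver("4.20"):
        return IDP_MIN_ZLD_420_OR_EARLIER
    return None

def audit(dev):
    """Return a list of findings for one device record; empty means compliant."""
    findings = []
    if not dev["idp_enabled"]:
        findings.append("IDP service is disabled")
    if not dev["av_enabled"]:
        findings.append("Anti-Virus service is disabled")
    need = idp_minimum(dev["firmware"])
    if need is None:
        findings.append("advisory gives no IDP minimum for ZLD " + dev["firmware"])
    elif ver(dev["idp_sig"]) < ver(need):
        findings.append("IDP signature %s is below %s" % (dev["idp_sig"], need))
    if ver(dev["av_sig"]) < ver(AV_MIN):
        findings.append("Anti-Virus signature %s is below %s" % (dev["av_sig"], AV_MIN))
    return findings

INVENTORY = [  # constructed sample data
    {"name": "usg-hq", "firmware": "4.25", "idp_enabled": True, "av_enabled": True,
     "idp_sig": "3.2.4.060", "av_sig": "2.0.1.700"},
    {"name": "usg-branch", "firmware": "4.20", "idp_enabled": True, "av_enabled": False,
     "idp_sig": "3.1.4.250", "av_sig": "2.0.1.678"},
    {"name": "usg-lab", "firmware": "4.25", "idp_enabled": True, "av_enabled": True,
     "idp_sig": "3.1.4.300", "av_sig": "2.0.1.99"},
    {"name": "usg-new", "firmware": "4.30", "idp_enabled": True, "av_enabled": True,
     "idp_sig": "3.2.4.070", "av_sig": "2.0.1.678"},
]

if __name__ == "__main__":
    for dev in INVENTORY:
        print(dev["name"], audit(dev) or "OK")
```

The "usg-lab" record shows why the comparison is numeric: as a string, "2.0.1.99" sorts above "2.0.1.678" and would wrongly pass.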