Dear Security Vendor Marketing Teams,

Please, stop calling it Petya. It’s not. It’s not even a variant in the FAMILY of Petya. It “may” have borrowed some code from Petya and have similar behavior, but it’s #notPetya.

And even it it does turn out to be Petya. Please stop trying to scare my clients into buying your product. That may have worked a few years ago, but they’re smarter now.

Petya is old. Like 2015 old. Stop telling me “we could have blocked Petya”. I really hope you could. That’s like telling me you could have blocked Code Red or ILoveYou from 15+ years ago.

So, please stop calling it Petya. And please stop with the scare tactics.

If absolutely necessary to address yet another EternalBlue exploit , send out 1 tweet. “#NotPetya = blocked/detected/squashed … NEXT!”

Then, Go and brush your shoulders off like the rock star security vendor that you are. Thats way more of a statement than you’re making today.

– A Tired Security Professional

Join the NWA Information Security Meetup for networking and education on all things InfoSec!


Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

Hacking

10 Ways to Misuse A Cradlepoint

Cradlepoint routers are kind of AWESOME! I have customers use them for all sorts of things. Customers use Cradlepoint routers in police cars, fire trucks, buses, billboards, remote (as in the BOONIES) office connectivity, and Read more…

Architecture

The Forgotten Threat: DNS Exfiltration

Dear Mr. CISO, I’m sure you have DLP (Data Loss Prevention) products. Please tell me your security team does. Maybe they have endpoint DLP, storage DLP, or cloud DLP solutions in place. I’m doing my Read more…

Architecture

Please do anything…Do SOMETHING!

Dear Mr. CISO, For the love of all things sacred…. Patch your systems! If you don’t have one of the 49 vendors that could have stopped WannaCry/NotPetya/Eternalblahblah, GET ONE! But more importantly, have a security Read more…