Just over a month after the infamous WannaCry attack, a new worldwide ransomware attack is here again. Its name is Petya, or Petwrap, ransomware, it’s hit companies everywhere across Europe today, including Ukraine’s government facilities, electric grids, banks, and public transportation, demanding a $300 ransom in Bitcoin in the process.
So how does this Petya attack work, exactly? Going after Windows servers, PCs, and laptops, this cyberattack appears to be an “updated variant” of the Petya malware virus. It uses the SMB (Server Message Block) vulnerability that WannaCry did, however in the case of Petya it encrypts, among other files, your master boot file. These messages recommend you conduct a system reboot, after which the system is inaccessible. This basically means the operating system won’t be able to locate files.
Now, the next question is – what can people do to stay secure? Though this attack is largely targeting companies, it’s important everyone stays vigilant and takes precautionary measures. Therefore, to stay protected from Petya ransomware, follow these tips:
-Always make sure your anti-virus is up-to-date to maximize the protection available to you.
-Don’t click too quickly. This attack may be spreading through phishing or spam emails, so make sure you check an email’s content for legitimacy. Hover over a link and see if it’s going to a reliable URL. Or, if you’re unsure about an email’s content or the source it came from, do a quick search and look for other instances of this campaign, and what those instances could tell you about the email’s legitimacy.
-Have a complete back up. Back up all of your machines immediately. If a machine becomes infected with Petya ransomware, data could become wiped entirely. Therefore, make sure you cover all your bases and have your data stored on an external hard drive or elsewhere.
-Apply system and application updates. Make sure your operating system is up-to-date to help contain the spread of malware. Petya is spreading in organizations using the same technique as WannaCry, infecting systems that did not have up-to-date OS patches.