What You Need to Know About the Petya Ransomware Attack

June 28, 2017

3:50 pm

Cybersecurity concerns, true to most experts’ warnings, have appeared to increase over the last few years. This week, another wave of attacks swept the globe, indicating that the problem is continuing to get worse. Dubbed Petya, the attacks affected 65 countries and were traced back to a Ukrainian company’s tax accounting software, according to Microsoft. It’s similar to the WannaCry attack from last month, but moving more slowly.

But don’t take my word for it. Here’s a selection of advice and information from several industry leaders and experts on the most recent security issues.

Test Your Disaster Recovery Plan Regularly

Here’s what David Kennerley, Director of Threat Research at Webroot, had to say about the attacks yesterday:

“This first hit Webroot’s radars at around 10 am UTC [June 27th], firstly in the US, but has since been seen in a number of countries including Ukraine, Japan, China and the UK. We currently protect against this variant. Early analysis appears to show the ransomware looks to encrypt the Master Boot Record (MBR) on infected machines as well as the victims files, similar to the nasty Petya ransomware seen last year – which only went after the MBR, and was relatively easy to fix. A large percentage of infected machines appear to be Windows 7 and 10, with the majority running the 64-bit OS.

It goes without saying that organizations should test their disaster recovery plan (DRP) regularly. This will help them understand the time it will take to restore systems to a useable state and what data is likely to be lost due to back up schedules. The danger with paying the ransom is there’s no guarantee they’ll recover their encrypted data and this only makes ransomware more successful in the long run for hackers.”

Kennerley also notes that ransomware, which is designed to be “annoying and loud,” can easily hide secondary infections which might steal data or copy passwords.

Everything You Need to Know About the WannaCry Ransomware Attack

Check Your Security Update

Kris Lamb, vice president and general manager of Forcepoint’s Cloud Security business, also spoke on the issue through a company blog post.

While we’re still learning more about this new variant of the Petya ransomware, we advise everyone as a first step to refamiliarize yourself with advice given during the Wannacry outbreak.

Ensure that the MS17-010 security update is installed on all Windows machines within the organisation. Ensure that you have email and web security solutions that can block malicious emails, block intermediate payload download stages in real-time, and can provide URL Sandboxing features for additional protection at point-of-click.

You might want to bookmark this post: Petya isn’t the end. When the next ransomware attack inevitably hits, the best way to save your sensitive files is to take preventative measures now.

Read more on how to protect your company from cyber attacks at Tech.Co

Did you like this article?

Get more delivered to your inbox just like it!

Sorry about that. Try these articles instead!

Adam is a writer with an interest in a variety of mediums, from podcasts to comic books to video essays to novels to blogging — too many, basically. He's based out of Seattle, and remains a staunch defender of his state's slogan: "sayWA." In his spare time, he recommends articles about science fiction on Twitter, @AdamRRowe

Leave a Reply

  • (will not be published)
Startup_Mixology_300x250