What You Need to Know About Petya Ransomware


You have likely heard the sayings “don’t reinvent the wheel” and “imitation is the highest form of flattery.” Both aptly apply to Petya, a threat currently affecting organizations worldwide. To explain, Petya is not new. It was first discovered in 2016 as a form of ransomware that would not only encrypt files on the computer but also infect the Master Boot Record, thus preventing machines from booting into the Windows operating system.

Instead of “reinventing the wheel” by creating a new global threat, hackers made Petya even more dangerous by “imitating” WannaCry (a recent ransomware worm that took advantage of a Windows vulnerability in a way that had never been done with ransomware). In the past, ransomware would only affect a single machine and the network drives the user had access to. While damaging, if regular backups were performed, the network could return to a functional state in a reasonable period of time. What makes this new threat so dangerous is its ability to spread from computer to computer. Imagine, within hours, hundreds of PCs and servers being permanently decommissioned. This is happening as we speak to businesses throughout the world, especially in Europe.

What can be done to protect your network from this new threat? First and foremost, patch your computers and servers with the latest Windows Updates. If you applied the recommended Microsoft MS17-010 update associated with the WannaCry vulnerability, you have greatly reduced the chances of this worm spreading throughout your network. Petya also has the ability to spread from PC to PC using the permissions associated with the user currently signed into the machine. Following the best-practice guideline of not giving standard user accounts administrative privileges on the network or the domain will also greatly reduce the threat of this worm spreading.
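To check both recommendations on a single Windows machine, here is an added PowerShell example (not part of the original article). The KB list is a labelled placeholder to be filled in from the MS17-010 bulletin for your Windows version, and the function names and the choice of which administrators count as expected are assumptions made for illustration.

```powershell
# Added example: audits the two mitigations discussed above on the local machine.
# Assumption: $Ms17010Kbs is a placeholder. Replace it with the KB IDs that the
# MS17-010 bulletin lists for your Windows version.
param(
    [string[]]$Ms17010Kbs = @('KB0000000')   # placeholder, not a real KB ID
)

function Test-PatchInstalled {
    param([string[]]$KbIds)
    # Get-HotFix lists installed updates; succeed if any supplied ID is present.
    # A miss is not proof of exposure: later cumulative updates supersede the
    # original KBs, so treat "False" as "verify this host by other means".
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty HotFixID)
    [bool]($KbIds | Where-Object { $installed -contains $_ })
}

function Get-UnexpectedLocalAdmin {
    # S-1-5-32-544 is the well-known SID of the built-in Administrators group,
    # so the lookup works regardless of the OS display language.
    try {
        $members = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
    } catch {
        Write-Warning "Could not enumerate Administrators: $($_.Exception.Message)"
        return
    }
    foreach ($m in $members) {
        $sid = $m.SID.Value
        # Assumed policy: only the built-in Administrator account (RID 500)
        # and the Domain Admins group (RID 512) are expected members.
        if ($sid -notmatch '-(500|512)$') {
            [pscustomobject]@{
                Name   = $m.Name
                Class  = $m.ObjectClass       # User or Group
                Source = $m.PrincipalSource   # Local, ActiveDirectory, ...
            }
        }
    }
}

$report = [pscustomobject]@{
    Computer         = $env:COMPUTERNAME
    PatchFound       = Test-PatchInstalled -KbIds $Ms17010Kbs
    UnexpectedAdmins = @(Get-UnexpectedLocalAdmin)
}
$report | Format-List
$report.UnexpectedAdmins | Format-Table -AutoSize
```

Any everyday user account listed under UnexpectedAdmins is one whose permissions the worm could reuse to reach other machines, so those entries are the ones to review first.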

When dealing with any security threat, follow these best practices:

  • Be cautious of what emails and attachments you open.
  • If you have questions about an email, attachment or webpage, bring it to your organization’s IT or security experts before doing anything, or reach out to us.
  • Ensure that your systems are patched with the latest Windows updates.
  • Educate your users – they are more likely to be the cause of a security incident than an attack from the outside. Security awareness training makes your whole organization safer.

This threat is still evolving and we’ll keep you updated as needed. As always, if you have any questions or concerns, don’t hesitate to reach out to us!


Eric Monda


Eric Monda is an IT Security Analyst and has been with ADNET Technologies since 2006. His extensive experience in the field combined with his background in IT allow him to fully understand the technical needs of clients while providing solutions for the security issues organizations face.
