Petya Ransomware Spreads
This week saw yet another massive ransomware attack that originated in Europe. The Petya ransomware had some similarities to WannaCry, which infected many systems recently, but was definitely very different. The Ukraine experienced the brunt of the attack, as it brought down banks and government agencies throughout the country, but it did end up spreading into additional countries as well.
The interesting thing to note about this particular strain of attack is that it, although it’s spread like wildfire, it doesn’t seem like the attackers either knew how to collect payment for their handiwork, or money wasn’t their key motivation. Many are saying that the attack was just a smokescreen to bring down key components of the Ukraine. The email address that was set up to collect the bitcoin payments to decrypt the files that were being held hostage was shut down as soon as the attack started making the news. This would mean that even people who wanted to pay to get their files back, had no way of doing so. Once a wildfire is started, though, it’s hard to contain, and this may have spread much further than the attackers were anticipating.
The ransomware exploited a vulnerability, again, that has already been patched by Microsoft. It has never before been as important as it is right now to stay up to date with security patches for the operating system you are using. Whether it is macOS, Android, Windows or iOS, vulnerabilities for the operating system are released when the patches go out. The attackers know exactly how they can utilize these to gain access to your systems. If your operating system is up to date, you will not have to concern yourself with these types of attacks.
Eric is the owner and CEO of Protek Support and is a CISSP (Certified Information Systems Security Professional). He graduated from Utah State University with a Bachelors of Science degree in Business with an emphasis in Information Technology (IT). He is an IT Services expert in a variety of technology related fields. Some of these fields include document management software/hardware, enterprise level networking and VoIP phone systems, as well as large scale software implementation projects and the setup of small business networks.