“Petya” Ransomware Attack

by | Apr 6, 2024 | news

As you have heard, the latest ransomware outbreak has spread over the globe. Companies of all sizes have been hit.
There is no one-size-fits-all response if you have been victimized by ransomware. There is no guarantee that paying the ransom will give you access to your files.

 

What is it?

This strain of ransomware is referred to as Win32/Petya. According to Reuters, Petya originated in the Ukraine and has since spread across Europe and the United States significantly impacting large organizations like Maersk.

 

What does it do?

Similar to other ramsonware attacks, Petya is a type of malware that infects a PC, encrypts files, and requires payment to unlock data. According to www.theguardian.com, “once a computer is infected using the EternalBlue vulnerability in Microsoft Windows (Microsoft has released a patch) or through two Windows administrative tools. The malware tries one option and if it doesn’t work, it tries the next one. It has a better mechanism for spreading itself than WannaCry.”

 

What can you do?

Your business needs to have an offensive and defensive plan.
Contact us to implement the following core strategies and system configurations for your company.

 

The best offense is to educate and inform your people

  • Never open an email or attachment from a sender you do not know or are not expecting.
  • Never click on a link in an email from a sender you do not know or are not expecting.

 

The best defense is system configuration & administration

  • Setting up policy that any email containing specific attachments be sent to IT for scanning of malicious content.
  • Disable macros in Office applications can also help prevent attacks as some ransomware attacks require macros to be enabled.
  • Apply all current Windows updates and patches.
  • Ensure all end user machines, servers, VMs, etc. are using reliable anti-virus software.
  • Ensure all firewalls contain up-to-date subscriptions and virus definitions.
  • Have a sound, thoroughly tested backup policy so that if a ransomware type infection occurs, data can be restored from backup without paying a ransom.

 

Use cloud protection

Use cloud protection to help guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Windows Defender Antivirus for Windows 10.

Contact us to learn how to move your business to the cloud.

Do not wait! Contact us to discuss your business needs and run a security assessment today!

Related Posts