Petya: What You Need To Know About The Latest Ransomware Attack

5 years ago | by Chris O'Brien

Petya is using the same tools exploited by WannaCry, and its taking the world by storm.

A new wave of Ransomware known as Petya has recently been unleashed, having reportedly already affected a number of companies on a global scale.

Petya is said to use the same tools exploited by the recent WannaCry attacks. The ransomware is reported to infect computers on a local network, by delivering a phishing email with a .doc attachment, and using a vulnerability within Microsoft Office and Wordpad to execute and begin a chain of exploitation. The attack has an automated shutdown feature after 1hr of the initial infection, by which time it will have already completed its local network scan. This shutdown feature signifies the beginning of the encryption process of not only your computer, but all others in your network, too.

If your machine reboots and you see this message, shut your systems down IMMEDIATELY. As mentioned, this is the beginning of the encryption process – if you manage to power off in time, your files are expected to be fine.

According to CRN, a Cadbury chocolate factory in Tasmania could be the first Australian victim of this global ransomware attack, reportedly having its activity suspended due to a variant of the Petya virus known as Goldeneye. Staff workstations have been locked, and are being held ransom unless they send a disclosed amount of Bitcoin to a specified address.  

Our Advice:

1. Ensure you’re aware of the signs you’ve received a phishing email:

click to enlarge

2. Backup your data just incase the worst were to happen, and your systems are compromised. 

3. Ensure you’re up-to-date with the latest Antivirus software we do this automatically for our clients, but if you’re not one, please ensure yours is updated so you can leverage any vendor advancements in protecting against Petya.

4. Spread the word. Let your colleagues and friends know about this latest threat to help stop the spread.

5. If you aren’t already partnered with an MSP, get in touch with one ASAP. As attacks continue to advance, the need for businesses to partner with those that are knowledgable and invested in securing technology is of the utmost importance. If you’d like our help, we’re more than happy to assist you, regardless of your location.

As cyber attacks continue to be developed and enhanced, there has never been a greater need to protect your business’ livelihood. We strongly suggest that if you haven’t already subscribed to all components of our comprehensive multi-layered security stack – C3 CyberSecurity – you do so ASAP. Implementing a comprehensive suite of security solutions is critical to protecting your business in today’s digital environment. 

Want more info on Cyber Security?

Or to learn how to better protect your business?

Get in touch with our team! Call us on 1300 661 859 or email us below.