A new ransomware attack called Petya, PetyaWrap, or GoldenEye began spreading worldwide on June 27th, and it looks similar to the WannaCry outbreak in May. It targets Microsoft Windows operating systems and so far reports show that all systems from XP to Windows 10 are susceptible.
Petya looks to be more sophisticated than WannaCry and doesn’t have the same flaws that allowed a “killswitch” to slow down WannaCry’s progress. This means Petya may be a more virulent attack and harder to slow down and stop, although experts are saying they hope the patching of the known exploits it uses after the WannaCry outbreak may limit its impact.
Petya delivers two nasty payloads: ransomware which targets a computer’s entire file system and an information stealer which extracts usernames and passwords from other machines in the network.
So far, this outbreak takes advantage of the same EternalBlue exploit as last month’s WannaCry attack. It also targets another exploit called EternalRomance. Both of these exploits were patched by Microsoft in March. There may also be infection methods that work by using other vulnerabilities and tools, and Petya can spread to machines that are already patched against the EternalBlue and EternalRomance exploits.
Are you protected? What should you do next?
All OXEN-managed workstations and servers covered by a WorryFree Desktop, Server, or Network Essentials plan have been patched to protect against this vulnerability and include Webroot and Malwarebytes for further protection. If you have OXEN-managed Anti-Virus or Anti-Malware only, you may still be at risk. If you would like us to help you ensure that your systems and all machines on your network are patched and protected, please contact us.
OXEN offers a full suite of security services, including free security & ransomware training for your employees.
Worried you are infected?
If you believe you have been infected by this Petya outbreak or any other strain of ransomware, please contact our Client Care Team immediately so we can help you.
Recent Posts / View All Posts
We invite you to register for our next free OXEN webinar, “The Importance of Office 365 Backup”, at 10:30 AM CST on September 27th. Why Back Up Office 365? Despite its location in the cloud, Microsoft Office 365 data remains vulnerable to acts of human nature. While Microsoft does replicate and back up its Office 365 service, it only protects its own interests by making sure any loss on its end can be recovered. Microsoft’s backup does not protect you from user errors such as accidental deletion, an employee maliciously deleting files, or someone gaining unauthorized access and deleting files….
Much has been said about data security practices and cybersecurity measures that businesses should follow. All the information and recommendations out there can be confusing and overwhelming. Large data breaches and multiple scary ransomware attacks have dominated the news for years now. Each time businesses have to ask, “Should we be worried? Are we a target? What can we do to defend ourselves?” So here’s a short beginner’s guide on keeping your data safe and your risks low. #1 Don’t ask for information you don’t need Don’t ask for and don’t hold confidential information “just because”. If you don’t store…