Are you protected from the new Drastic Threat ‘PetyaRansomeware’?

Last week, an attack named “Petya” Ransomware that uses the similar method of propagation as ‘Wannacry’ Ransomware (a wide-ranging Ransomware attack that disabled the devices globally last month) has...

Last week, an attack named “Petya” Ransomware that uses the similar method of propagation as ‘Wannacry’ Ransomware (a wide-ranging Ransomware attack that disabled the devices globally last month) has started to disturb the businesses across the entire world.

The main difference observed between the two attacks is that the latter may prove harder to conquer as has not yet appear to be vulnerable to a hardcoded “kill switch”.

From the time of ‘Wannacry’ onwards, Security experts have been warning the businesses that failed to secure their Microsoft Windows-based devices about their prediction. The prediction is that the hackers will surely come up with another digital siege but can’t say when.So, after facing ‘PetyaRansomware’, it seems that the prediction of the security experts has turned into reality.

What is ‘Petya’?

The chief security strategist at the cybersecurity firm SentinelOne, Jeremiah Grossman has said thatsome of the characteristics like infecting the Master Boot Record, encrypting the entire drive, etc. of this, seems similar to that of Petya’s.But the evidencesthosehave been collected till now are not enough to clearly say that this is a Petya variant.

What exactly happened?

The new ‘Petya’ Ransomwarehas spread speedily last week. Being similar to ‘Wannacry’, it locks the users out of their desktops and demands a ransom in return to provide the users with the access of their devices again.The attack has started seizing the systems based on Microsoft Windowsand especially those are not secured in a Microsoft messaging protocol known as SMB (Server Message Block).

The Ransomware has forced the locked users in situations such as; either they have to pay up to $300 in bitcoin (a digital currency used by cyber extortionists, as it is hard to track by the security servers) to accesstheir devices or they’ll lose their efficient data permanently.

Who has suffered?

The organizations in the Australia, Poland, U.S., Italy, Germany, Ukraine and Russia have been suffered. CostinRaiu, director of global research at Russian security firm Kaspersky Labs has posted a bar graph showing the geographical distribution of the sufferers, based on the measurements made by its firm.

Not only the institutions, governments, banks, hospitals and businesses, but also the individuals are at risks by this issue.Companies such as Maersk, Rosneft, the Danish shipping giant, the Russian oil company and many others has been suffering because of the attack.

How can businesses protect themselves?

Palo Alto Networks, the cybersecurity firm explains a number of simple steps to protect against the Ransomware on its “threat brief” blog. The steps are:

  1. Apply Microsoft patch MS17-010
  2. Block connections to Microsoft Windows’ port 445 the part of the OS associated with the vulnerable protocol
  3. Maintain regular data backups, and use them to restore systems

Should the victims pay the ransom?

The answer to this question should be ‘No, the users should not pay the ransom.’The reason being that;

  • We can’t say that the extortionists will surely return our files,even after receiving the ransom: Recently, A number of companies had paid the ransom, but then also was not able to receive the access and even not able to reclaim their data. The excuse provided is that the channel used by the extortionists to communicate with and to handover the description keys of the victims has been lost. On the other hand, the payment had already entered intothe attackers’ Bitcoin wallet.
  • This will encourage the cyber criminals to develop such threats attacks in a large number in future: On the very first day of the attack, the attackers had received 28 transactions, providing an amount of 3 Bitcoins equals to more than $7,000 but in return they had provided the excuse. It means that the attackers have achieved a good amount as their income without any investment; all this will surely attract them to develop more such threats to make more and more income(money).

Our author has provided almost all the information about the cyber threat ‘PetyaRansomware’ but the readers who want more information or any type of technical support can contact our technicians on our tech-support, toll-free number 1-888-827-9060.

Author’s Bio: This article has been written by Sunil. He had also written on topics such as Microsoft Outlook support, Windows 7 Support, Windows XP support, Kaspersky Antivirus support, Avast Antivirus support, etc.

No Comment

Leave a Reply