As another grim reminder of the susceptible state of our cyber security systems, a massive ransomware has struck computers worldwide. What started as an attack on the servers of Russia’s biggest oil company and disrupting of operations at Ukrainian banks, the Petya Ransomware has now also spread to computers in Romania, the Netherlands, Norway, France, Spain, Britain, and Australia.

Petya ransom-ware attack
A message demanding money is seen on a monitor of a payment terminal at a branch of Ukraine’s state-owned bank Oschadbank after being hit by the Petya ransomware. Image source: REUTERS/Valentyn Ogirenko

The most affected country was Ukraine where the Chernobyl nuclear power plant systems were reportedly switched to manual as a precautionary measure.

How does Petya Ransomware work?

The ransomware called Petya is concealed in a benign looking document circulated via e-mail. It freezes a user’s computer until a “ransom” is paid in virtual currency bitcoin.

Once infected with the Petya virus, it results in a complete lockdown of a computer’s hard drive as well as individual files stored on it. It is harder to recover information from computers affected by this ransomware, which can also be used to steal sensitive information.

Petya Ransomware Attack
Cadbury’s Hobart computers in Tasmania attacked by the Petya ransomware.

Similar to WannaCry, Petya could have exploited ‘Eternal Blue’, a tool created by the National Security Agency and leaked online by the Shadow Brokers. This, in turn, could have been used to exploit problems in Microsoft’s software.

What should you do if you are a victim?

Computers running the most recent update of Microsoft’s software should be safe from this attack. However, users are advised to check their Windows version and refrain from clicking on malicious links or PDFs received via e-mails.

It is advised to never pay the ransom as it further encourages the attackers. Even if you end up paying the ransom, there is also no guarantee that all files will be returned intact. Instead, the best one can do in such a situation is to restore files from a backup. If this isn’t possible, there are some tools that can decrypt and recover some information.

The ramifications of this attack on businesses worldwide are infact grave. If you’ve not been attacked, it is highly advisable to do the due diligence and secure your businesses.

Worried about getting hacked? Contact Astra to secure your online business.

Waiting to Get Hacked?

Get security tips & latest vulnerability fixes right in your inbox:

About The Author

Bhagyeshwari Chauhan

An engineering grad and a technical writer, Bhagyeshwari blogs about web security, futuristic tech and space science.

2 Comments

  1. 65% of Major US Banks Fail Web Security Testing - Astra Web Security Blog - Reply

    […] has been the year of cyber attacks. From the infamous Petya ransomware attack, the havoc wreaking WannaCry attack and the Magecart payment stealing scam, the number of data […]

  2. What do Hackers do with Hacked Websites? - Astra Web Security Blog - Reply

    […] Data Breach,  the WannaCry Cyber Attack which was 2017’s deadliest ransomware attack, the Petya Ransomware attack, and the notorious yahoo data breach to name among a […]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close