Organisations across Russia, Ukraine, Spain, France, UK, India and Europe have reported a new attack similar to Wannacry. The Ransomware, named Petya, demands $300 in bitcoins.
Just like Wannacry, Petya is a type of ransomware that aims at blocking access to the hard drive of users PC. Petya modifies boot loader so that it loads malicious code instead of the operating system installed on the PC. When Petya is encrypting files it appears as if Check Disk is running.
Below is a screenshot of one of the PCs affected by Petya
It is believed that Petya spreads through email attachments mainly affecting Windows operating systems.
Precautionary Measures Against Petya Attacks
In the light of the recent ‘Petya Ransomware attacks, efforts are needed to mitigate and prevent such attacks in future. Some of the methods that can be employed to mitigate and prevent such attacks include:
- Backup critical data files on regular basis
- Install all Windows security updates such as the MS17-010 update that patches the vulnerability in Windows.
- Maintain an up-to-date antivirus and a firewall and ensure that the rules and policies are set correctly
- Do not to open attachments/enable macros on suspicious emails or from unknown or suspicious sources.
- Do not visit unfamiliar internet sites, especially those which attempt to offer enticing offers such as free gifts.