A new global ransomware is making a rise today. It has infected multiple countries already, and is expected to spread even further. The ransomware made its first attacks in Ukraine this morning, affecting everything from their government, airports, banks, oil firms, and private companies. Consequences have caused flights to be delayed, issues accessing bank accounts, and citizens being unable to purchase gas at gas stations leaving “everyone disoriented.”
Petya is Similar to last Global Ransomware
The ransomware, called Petya, is similar to the last world-wide ransomware, WannaCry. Petya infects machines with certain OS systems of which lack specific patches. But unlike the ransomware we usually see, it doesn’t even worry about encrypting your files at first, but goes straight to the hard drive and encrypts the MBR (master boot record). The MBR holds information about the computer’s operating system, and if encrypted, your files will follow suit.
Instead of encrypting computers one by one, it forces a reboot, encrypts the MBR, and as a result infects the entire system by tracing file names, sizes, and locations. In other words, this ransomware is just as smart as it is evil, destructs anything it touches, and leaves behind a trail of glaring black and red screens demanding a bit coin payment of $300 (US).
At this time infected users are being advised to not surrender payment, because the email that has been used by the cybercriminals has already been disabled, even though the infection is still going strong and spreading like wildfire. IT security specialists have suggested that if you are infected, to turn off your machine immediately. The encryption process cannot complete unless the machine is on.
To help protect yourself from Petya (and other malware)
- Keep your machines up to date, and patches installed
- Backup your machine routinely
- Stay away from suspicious emails and questionable websites
- Keep yourself up-to-date on cyber security threats
Majority of Malware comes from Phishing Attacks
The majority of malware, including ransomware, comes from phishing attack emails. Phishing attacks are emails that disguise themselves to be a reputable source, like FedEx, Amazon, banks, fellow coworkers, etc. These emails contain links or files that lead you to a malicious site or file and infect your computer.
Not only do the majority of cyber-attacks come in the form of phishing emails, but end-user error is how the attack is completed. Organizations that require their employees to complete security awareness training are not as likely to fall victim. Providing your employees with training and knowledge to help them defend against these attacks is the most effective thing you can do. Provide them with the resources they need to prevent a storm and keep from taking the bait.
CTG Tech provides IT support, Managed IT Services, and Managed IT Security Services for small to medium-sized businesses in and around the Amarillo, Dallas-Fort Worh areas. CTG Tech makes certain you and your company is always protected by providing ongoing security awareness training for end-users. The training includes simulated phishing attacks aimed towards your employees, and easy-to-read reports on who is phishing prone.
If you are interested in a Free Vulnerability Network Security Audit, as well as an end user Phishing Test, please contact us today!