Petya Ransomware causes concern

A week ago, a new ransomware variant known as Petya began sweeping across the globe, impacting a wide range of industries and organisations, including critical infrastructure such as energy, banking, and transportation systems.

This variant is part of a new wave of multi-vector ransomware attacks that Fortinet is calling “ransomworm”, which takes advantage of timely exploits. The ransomworm is designed to move across multiple systems automatically, rather than stay in one place. It appears that the Petya ransomworm is using similar current vulnerabilities that were exploited during the recent Wannacry attack.

This variant, however, rather than focusing on a single organisation, uses a broad-brush approach that targets any device it can find that its attached worm is able to exploit. It appears that this attack started with the distribution of an Excel document that exploits a known Microsoft Office exploit. Because additional attack vectors were used in this exploit, patching alone would have been inadequate to completely stop this exploit, which means that patching needs to be combined with good security tools and practices.

We recommend and sell Bullguard Internet Security. Remember, update your Windows, back-up you files regularly, and have decent Protection! Click the pic to go and download a free 60 day trial. You can by a subscription from us if you want!

 

Leave a Reply