New Delhi: We reproduce, post-editing, a cautionary message anti-virus company McAfee has sent to all its customers to sensitise computer users to the challenge thrown at us by yet another ransom-seeking gang. They have unleashed a virus or malware called Petya to bring large corporations to a standstill.
“Dear McAfee Customer,
Just over a month ago we reached out to you to educate you about the WannaCry ransomware that impacted more than 150 countries. Today we have another global cyber attack taking place. A new strain of ransomware is spreading rapidly. Called Petya, or Petwrap, ransomware, it has hit companies everywhere across Europe today, including Ukraine’s government facilities, electric grids, banks, and public transportation, demanding a $300 ransom in Bitcoin in the process. It has since spread to companies around the world.
So how does this Petya attack work, exactly? Going after Windows servers, PCs, and laptops, this cyber attack appears to be an updated variant of the Petya malware virus. It uses the SMB (Server Message Block) vulnerability that WannaCry did. However, in the case of Petya, it encrypts, among other files, your master boot file. These messages recommend you conduct a system reboot, after which the system is inaccessible. This basically means the operating system won’t be able to locate files.
Now, the next question is whether this affects you, and what you should do to stay secure. Though this attack is largely targeting companies, it’s important you stay vigilant and take precautionary measures. We encourage you to follow these tips to help stay safe:
Always make sure your McAfee anti-virus is up-to-date to maximise the protection available to you.
Don’t click too quickly. This attack may be spreading through phishing or spam emails, so make sure you check an email’s content for legitimacy. Hover over a link and see if it’s going to a reliable URL. Or, if you’re unsure about an email’s content or the source it came from, do a quick search and look for other instances of this campaign, and what those instances could tell you about the email’s legitimacy.
Do a complete backup. Back up all your PCs immediately. If your machine becomes infected with Petya ransomware, your data could become completely inaccessible. Make sure you cover all your bases and have your data stored on an external hard drive or elsewhere.
Apply system and application updates. This is spreading in organizations using the same technique as WannaCry. Making sure your operating system is up to date will help contain the spread of this malware.
You can stay updated on the Petya ransomware attack by checking our blog site here.
Gary J Davis
Chief Consumer Security Evangelist