- Contact Us
A little over a month ago, a strain of Ransomware called WannaCry made headlines due to the incredibly successful nature of the attack as it infected hundreds of thousands of users around the world. This ransomware was delivered through an unpatched vulnerability in the Microsoft Operating System. Thankfully, the damage was minimal as the malware code had a “kill switch” built in that stopped the spread.
Today we are hearing about another version of Ransomware called “Petya” which is similar in nature to WannaCry, yet different at the same time. Petya has already infected many large organizations in Europe, including Maersk, Mondelez, and the Ukranian Government. The Ransomware demands a payment of $300 in BitCoin to decrypt your files, the same amount that WannaCry demanded. However, unlike WannaCry, there does not appear to be a “kill switch” embedded in the code which makes Petya more dangerous than WannaCry.
Petya takes advantage of what is called the EternalBlue vulnerability in the Microsoft Operating System, which is the same exact vulnerability that WannaCry exploited. Microsoft released a patch for this critical vulnerability back in April of 2017, however, Petya targets unpatched machines, just like WannaCry did a month ago. In addition, Petya is being delivered by the traditional means of phishing emails where attachments are disguised are resumes or delivery notifications which contain the malicious code.
The single most important step in protecting yourself from this version of Ransomware is to scan for vulnerabilities and patch those vulnerabilities. Petya, much like WannaCry, is preventable if you have your systems up to date with patches that are released by vendors, such as Microsoft. On that note, we are hosting our June webinar tomorrow on the importance of Vulnerability Scanning and Patch Management. The timing is certainly good so I would encourage you to join us tomorrow by registering below. Stay safe out there friends, and we hope to see you tomorrow!
Copy and paste this link into your browser if you don't feel comfortable clicking on an image redirect: https://www.compassitc.com/june-2017-webinar-registration