There’s a new computer virus spreading throughout the world. Going by the name ‘Petya’, the virus has already hit large firms, such as Mondelez and Maersk. This is the second time that organisations have been hit by malicious software, causing widespread frustration. WannaCry hit the NHS and Telefonica, amongst others, in May, locking down files and demanding cash to release them.
Image Credit
How does Petya work?
Petya is a form of ransomware that spreads through Microsoft software, locking computers and data and then demanding a fee to unlock each system. The malware demands a fee, in return for a special pass key which can then be used to unlock it. If the user has not recently backed up the files, then they must pay or risk losing their files. Once one computer has been affected, the malware can then spread rapidly throughout an organisation, exploiting a vulnerability within Microsoft’s ‘EternalBlue’, or through Windows administrative tools. If a company has a network of computers which do not have endpoint security solutions, the virus can take advantage and spread rapidly throughout the organisation’s network.
Petya’s origins
According to The Guardian, the malware seems to have originated in the Ukraine, hidden in an accounts program that many Ukrainian Government organisations use. Many Ukrainian companies were hit by the malware, including Kiev’s airport and the radiation control systems at Chernobyl.
How to protect against it?
Once the virus has infected the computer, it waits about an hour and then reboots the PC. It is possible to switch off the PC at this point, to prevent the virus installing. If the system does get as far as asking for a ransom note, do not pay it. Switch off the PC, disconnect the internet, reformat the hard drive and reinstall all files from a backup.
It pays to ensure that antivirus software is kept up to date and Windows updates installed regularly, as Microsoft has now issued a patch to prevent Petya infecting its software.
Any company or organisations with a network of computers should employ endpoint security, utilising specialist software such as Endpoint Security Solutions.
What’s next?
Internet experts are preparing for an ‘ugly few years’. Now that hackers have seen proof of the widespread havoc this type of ransomware can cause, the world should brace for more.
