Petya Ransomware Attack: Here We Go Again

For the second time in as many months, organizations around the world are feeling the effects of a ransomware attack. No doubt, you heard about the WannaCry virus that spread rapidly, worldwide last month demanding bitcoin ransom for company data. This time, the virus is called “Petya” but there are many similarities, and one important difference, compared to WannaCry. 

Petya vs. WannaCry

Petya is spread through the EternalBlue vulnerability in Microsoft Windows. Similar to WannaCry, the patch for this vulnerability had been previously released, however as we can see, not all organizations were up to date on that patch. The glaring difference between these two attacks is that Petya attacks two ways – through EternalBlue and, if that doesn’t work, through two Windows administration tools. With more ways to infiltrate your network, this virus is much more complex than what we saw with WannaCry and shows the evolution of ransomware in as little as a month’s time.

Could this have been stopped? Possibly, at least through the EternalBlue vulnerability if the infected organizations had been up to date on their Microsoft Patches.

Will these attacks continue? Absolutely. Not only will they continue to happen but they will continue to evolve just like this most recent attack has.

Now is the time to be prepared and get ahead of the next attack and we want to help.

Over the last few months, we’ve put together several blogs and a webinar on the rise of ransomware and what you need to know in order to combat it. Below, I’ve listed out these resources for you to read and to share with your team.

6 Things You Need to Know about Ransomware – From being harder to detect to the IoT implications, learn six things to prepare yourself for an attack.

WannaCry and the Rise of Ransomware – As we now know, WannaCry was not the end of ransomware just as our CISO and CTO, Chris Sullivan, predicted. For more on the evolution of and recommendations for mitigating ransomware, read Chris’ blog here.

Lessen the Blow of Ransomware or Social Engineering – Phish Your Users – While this most recent attack wasn’t the result of a phishing scam, it doesn’t mean the next one won’t be. Teach your employees how to spot a phishing attack through continuous training.