Petya – The latest in a series of high-profile cyber attacks

June 28, 2017 3:49 pm Paul Mullin

The latest high-profile Ransomware attack, called Petya, comes only weeks after the WannaCry attack that crippled the NHS and hit computers in more than 150 countries.

Petya has also struck businesses across the globe, with users being locked out of their computer systems and asked to pay a ransom in bitcoins, an online currency.

It’s the second major global ransomware attack in the last two months. In early May, Britain’s National Health Service (NHS) was one of many organisations across the globe infected by WannaCry, which used a vulnerability discovered from a leaked stash of NSA-related documents released earlier this year by a hacker collective known as the Shadow Brokers.

The WannaCry ransomware attack went onto affect more than 230,000 computers in over 150 countries, with Spanish telephone giant Telefónica and German state railways amongst the other notable organisations hit.

How does Petya infect?

Similarly, to WannaCry, Petya spreads quickly through networks that use Microsoft Windows. It demands $300, in Bitcoin, when it takes over the computer. It is able to infect the computers by taking advantage of the EternalBlue vulnerability in Microsoft Windows (there has been a patch released for the vulnerability, but not everyone will have installed it) or through two Windows admin tools. The malware will try one option, and then the other, if the first route fails to work.

It appears to have originated through a software update that was built into an accounting program used by the Ukrainian Government. This explains why the cyber-attack caused havoc in the country, affecting banks, Kiev airport, the metro system and even the radiation monitoring system at Chernobyl.

Robert O Brien, CEO, MetaCompliance said: “That is a mindset and a culture that must change. It means the business world is increasingly vulnerable at a time when hackers are getting smarter and more sophisticated, especially in terms of what technology they use.We need to see businesses fully comprehend the risks involved – not nearly enough business leaders are giving the issue of Ransomware the serious consideration it deserves.”

“Addressing vulnerable systems and educating people in the workplace on cyber security are key steps to take. Securing company data by storing in multiple location is also essential to minimise risk from cyber criminals.” he added.

Get in touch today for more information about how you can protect your business or organisation from a cyber attack.