Petya: There is a vaccine, but no kill switch.
A new ransomware attack hit computers around the globe last Tuesday. It targeted government organizations and businesses in Ukraine but also affected companies in the UK, US, France, Norway and Denmark. It is confirmed that this ransomware took advantage of the same vulnerability in old operating systems as WannaCry.
A supermarket in Kharkov, Ukraine was paralyzed because of ransomware attack, along with most of the Ukraine government.
While Ukraine was clearly the target, throwing suspicion on Russia, global companies like Merck were collateral damage because the virus spread from offices in Ukraine across global networks. By 2 pm EST on Tuesday, Merck had asked all of its employees to not connect to their network to avoid spreading the infection.
Security experts are puzzled as to why firms and major businesses are still being hit. Windows released the patch and failure to implement could mean that companies face legal risks.
The method to pay the ransom has been rendered useless and the Bitcoin wallet untouched, contributing to the theory that the attack was likely politically motivated, especially as it started on Ukraine’s Constitution Day. The good news is there is a “vaccine” that users can install on their computers to prevent the virus from encrypting the files. The bad news- no kill switch was found and files that are already encrypted are not likely to be salvaged.
To immunize an individual computer, security experts discovered that placing a read-only file named “perfc” on in the “C:\\Windows” folder, the virus is stopped. However, it doesn’t stop the computer from spreading it to other computers if it is on a network.
What should we learn from yet another global cyber attack?
The most important thing you can learn about Integris, (we always emphasize this) you MUST be prepared. The cyber world is not safe and we cannot expect to engage in it without security measures in place. Whether you are an individual user or managing the IT environment for a large corporation, protect yourself! The risks are only increasing and the consequences could be severe. If you have any questions about how Integris handles cyber security, visit our website www.domaincybersecurity.com or give us a call. We are always willing to answer your questions!
Was this article helpful?
For more information about how Integris can benefit you.