Ransomware Alert: 10 facts you need to know about the NotPetya virus

June 27, 2017

The world has been hit by another global ransomware attack. This attack is called NotPetya, a newer, deadlier version of the Petya ransomware that originated in 2016. Information about the attack is still emerging, but here are 10 facts we already know about NotPetya:

  1. The virus is also being referred to as GoldenEye
  2. Like the recent WannaCry attack, NotPetya uses an NSA exploit leaked earlier this year
  3. It seems to be spreading via some of the same Windows code loopholes exploited by WannaCry, supposedly called EternalBlue
  4. Unlike WannaCry, which had a backend kill switch and several bugs, there is no known kill switch at this time
  5. The Petya ransomware appears to have two other ways of spreading rapidly within an organization, both targeting the network’s administrator tools, which let it spread even within companies that installed the patch to protect themselves against WannaCry
  6. The highest rate of infection appears to be in Ukraine (where it originated) and Russia. However, it has popped up in several European countries and the USA
  7. Over 2,000 organizations have been infected across the globe
  8. Major US pharmaceutical firm Merck and law firm DLA Piper have been confirmed as being hit by this ransomware attack
  9. You can tell NotPetya from other forms of ransomware by the stripped-down notice on the screen: a plain black background with red text
  10. Infected computers display a message demanding a Bitcoin ransom. Those who pay are asked to send confirmation of payment to an email address, but that email address has been shut down by the email provider. This means those infected now have no way of contacting the attacker and unlocking their files.

To stay ahead of NotPetya or any ransomware attack, the best method of defense is user education. The number one rule? Be sure to avoid suspicious emails. Things to look out for include:

  • Emails from unknown sources (most email services will filter such spam into your junk folder, but in case anything gets into your main inbox, practice some caution)
  • Suspicious attachments
  • Links to unusual addresses
  • Non-official wording or poor grammar in the body of an email claiming to be from an official company or bank
  • Missing email subject headers
  • Emails from the IRS saying you owe money. The IRS will call you; they will not send emails demanding payment
  • Emails from banks stating that the IRS has taken money from your account

Whether you’re on your work network or at home, being educated about the risks and knowing what to look for will help prevent disaster from striking. Check out more information from MyITpros on staying secure, or go ahead and contact us to learn about how MyITpros can help protect your company!
