“Petya” Ransomware goes Global
There is a new strain of Ransomware from its original called Petya. Some sites out there are calling it completely new, NotPetya, and others see it is a variant and calling it PetWrap.
Whatever the case, the advice is always the same, look at how this is reportedly spreading, and put measures in place to mitigate as much as you possibly can.
According to many reports, the Ukraine has been badly hit, and it has been seen in several high profile UK business organisations.
Its also been confirmed that this Ransomware uses the Eternal Blue exploit, which was originally thought to have been developed by the US NSA as a digital weapon, and then subsequently leaked online by the hacker group known as Shadow Brokers.
Businesses who have not put measures in place such as disabling the SMB version 1 protocol (deprecated) or implemented the MS17-010 Microsoft Patch should do so now or as soon as possible. We believe this wont be the last exploit of this nature, and although simple measures such as black-holing the domain name used for the original Wannacry outbreak, and blocking known C&C servers, wont be effective and you could be fighting a reactive battle.
Businesses need to be robust in their security measures, have a solid response plan and be reactive as they can be to these modern threats otherwise these strains will continue to develop and proliferate. Don’t delay security patching.
What can you do ? Read the full article below – or contact us today.