
NotPetya

The National Health Service has been hit with a targeted wave of ransomware. The Wanna Ransomware [WCry] is believed to be the strain of malware used.

  • 18 Jul 2017

Not Petya
There have been news articles upon news articles about recent ransomware attacks, using malware that encrypts the user’s data and asks for Bitcoin in exchange for getting the files back. For the most part, there hasn’t been a lot of variation in the function of the ransomware that has hit the headlines. Except for one piece of malware: NotPetya.

NotPetya differentiates itself from the rest of the ransomware crowd by being…not Petya. Or ransomware at all, for that matter. Unlike ransomware, including its namesake, Petya, NotPetya completely overwrites files, making recovery completely impossible. That doesn’t stop the malware from demanding payment; however, unlike with typical ransomware operations, there is absolutely no hope of recovering your data, payment or not. Research performed by Matthieu Suiche suggests that the code related to the ransom notes, including the generation of ID numbers, is there merely to provide the illusion that recovery is possible should Bitcoins be paid out.

The existence of such wiper malware can perhaps be seen as an inevitability: if malware can encrypt your drives, there is nothing to stop the data from being stolen or wiped completely. There were many similar outbreaks in the late 90s, when ransomware and particularly wiper malware similar to NotPetya were widespread issues in the IT industry.

The continued existence and proliferation of such attacks should be seen as a cautionary tale for system administrators. Applying updates, putting sensible Software Restriction Policies in place, and performing and testing regular backups will go a long way towards protecting your company from ransomware and wiper malware attacks.

Mitigations

  • Ensure employees are aware of ransomware and its dangers through regular training and phishing campaigns.
  • Train employees to question the validity of emails and not to open suspicious, unexpected attachments.
  • Disable macro scripts within Microsoft Office.
  • Manage the distribution of privileged accounts. Only use administrative accounts when absolutely necessary.
  • Have a robust and frequent data backup strategy in place. Ensure backup data isn’t attached to the network. Always keep a backup offsite and offline.
  • Rename sensitive file extensions to something unique [.doc to .file]. This will prevent ransomware from encrypting the document.