A new global ransomware attack called GoldenEye, a new strain of the Petya ransomware, is rapidly spreading and affecting businesses around the world. Hitting 64 countries so far, it may be even worse than the WannaCry attack in May, which impacted organizations in more than 150 countries.
What is Ransomware?
Ransomware is a type of malicious software that blocks access to the victim’s data or threatens to publish or delete it until a “ransom” is paid. However, in many cases paying the “ransom” does not guarantee that the files will be restored. The software tends to target individuals, but more businesses are starting to become victims of large-scale attacks. Ransomware infects devices in a variety of ways. The most common methods are infection through a link to a malicious website, an unsolicited email, or through a security vulnerability in a piece of software.
How Does Petya Work?
Demanding a $300 ransom in Bitcoin, Petya is targeting and infecting Windows servers, PCs, and laptops with outdated Operating System (OS) patches. Petya appears to be an “updated variant” of the Petya malware virus that has been around since at least March 2016. Petya encrypts your master boot file, among other files, causing your operating system to be unable to locate files.
What You Can Do to Stay Secure?
Although Petya largely targets companies, it’s important for everyone to stay vigilant and take precautionary measures. Follow these tips to stay protected:
- Ensure your anti-virus, operating system, and apps are all up-to-date.
- Always install software updates as soon as they are available as they often contain patches for critical security vulnerabilities.
- Don’t click or open any unknown or unsolicited attachments or links as they may lead to malicious websites or contain malware.
- Back up all your data immediately to an external hard drive, memory stick, or cloud service provider. Ensure that any physical storage device is not plugged into the computer so the malware infection does not spread.
If You Have Been Infected
- Do not pay the ransom. There is a strong chance you will not get your files back.
- Disconnect the infected device from the internet.
- Report it to your local police.
For more on the latest consumer and business security threats, check out our blog.
Since 2005, JPMerc has helped small to mid-sized businesses use technology more effectively — so it fuels their productivity and success, instead of getting in the way. Contact us to discuss your company’s IT needs.