Data Security News Headlines 28th June 2017

  1. Petya Ransomware Spreading Rapidly Worldwide

Petya is a piece of ransomware and its working is very different. Unlike other ransomwares, which starts encrypting your files one by one, Petya does not encrypt files on a targeted system but reboots victim’s computer and encrypts the hard drive’s master file table (MFT) and renders the master boot record (MBR) inoperable, restricting access to the full system by seizing information about file names, sizes, and location on the physical disk. Once a system is infected with Petya ransomware, it replaces the computer’s MBR with its own malicious code that displays the ransom note and leaves computers unable to boot. Petya ransomware is targeting windows system’s by using previously disclosed vulnerability. Much like WannaCry ransomware, Petya ransomware is using SMBv1 EternalBlue exploit, and taking advantage of unpatched Windows machines. According to a security researcher, Petya ransomware has been successful in spreading because it combines both client-side attack (CVE-2017-0199) and network based threats (MS17-010). EternalBlue is a Windows SMB exploit leaked by the infamous hacking group Shadow Brokers in April 2017. The Petya targeted worldwide, shutting down computers at corporates, power supplies, and banks across Russia, Ukraine, Spain, France, UK, India, and Europe and demanding $300 in bitcoins.

Cyber security Tips: To prevent yourself from Petya ransomware users are strongly recommended to install patch release by Microsoft, keep yourself up-to-date, if you are using unsupported windows system apply the emergency patch released by Microsoft today, modify your firewall configurations to block access to SMB ports over the network or the Internet, Disable SMB, Keep your Antivirus software up-to-date, Backup Regularly and be aware of phishing

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: