Advanta Bulletin - Ransomware #petya
Just a month after the Wannacry ransomware tore through various parts of the world it appears that on 27 June 2017 a new strain of ransomware has inflicted similar damage to organisations in Europe, predominantly in Ukraine and the US. The ransomware has been called variously Petya or NotPetya, (the initial characteristics of the malware appeared to share aspects of code with Petya, but this was subsequently found to be only a “superficial” resemblance) and infects computers by locking users out until they pay a fee in bitcoin.
The software spreads quickly as soon as a computer is infected, affecting other computers via SMB connections within a network or via Windows administrative tools, propagating due to a vulnerability in Microsoft Windows in a similar manner as WannaCry spread. A patch has been released by Microsoft, though not everyone has taken heed of the warnings to urgently install this leaving many users exposed to these forms of malicious software.
To protect against “Petya” attacks most antivirus companies now maintain that software updates actively detect and provide the necessary protection. Ensuring that the necessary Microsoft updates are implemented will provide a defence against further infection and future attacks from different sources.
This latest cyber-attack caused global chaos, particularly affecting Ukraine and its government offices and highlighted the importance of prioritising cyber security within every organisation, implementing safeguards and plans to mitigate the risk of future attacks by cybercriminals.
Advanta Global Services has a London and Miami based Cyber team of forensic accountants and loss adjusters working closely with cyber security experts, providing a flexible and prompt response to cyber risk claims to resolve these time sensitive and business critical incidents effectively.
For more information, please contact:
Dave Price – London Office via e-mail: firstname.lastname@example.org
Roberto Ron – Miami Office via e-mail: email@example.com