During the final week of June, a malware named Petya – or NotPetya, or Goldeneye, depending on who you ask – began its assault upon computers in 65 countries. Arguably a more complex version of the attack that rampaged last spring, also called Petya (hence the naming scheme), this malware has small and large companies around the globe scrambling.
According to Microsoft, the malware attack originated from a tax software based out of Ukraine, which is now under fire for ignoring vulnerabilities that appear to have allowed the attack to happen. In what’s becoming a worrying trend and a wakeup call for businesses that have lax security and infrastructure policies, this is the second major attack in just two months.
In short, Like May’s WannaCry attack, Petya reveals itself as a ransomware – locking your computer and demanding a $300 bitcoin payment to release encrypted data. Unlike WannaCry, however, it seems that Petya has been disguising itself as a ransomware, and is in reality something much more destructive. Also unlike WannaCry, there has been no back door or “kill switch” discovered that could put an end to the attack. Any advancements made on quieting the malware have been mere temporary workarounds.
Here’s what The Verge has to say on Petya’s destructive nature:
Matt Suiche, founder of the cybersecurity firm Comae, writes in a blog post today that after analyzing the virus, known as Petya, his team determined that it was a “wiper,” not ransomware. “We can see the current version of Petya clearly got rewritten to be a wiper and not actual ransomware, Suiche writes.
The virus going around is a modified take on an earlier version of the Petya virus that was true ransomware. But Comae saw that code had been specifically modified to change it from a virus that encrypts a disk and demands a ransom into a virus that simply destroys the disk.”
Despite the widespread warning that WannaCry became, the reach of Petya has proven that many people still do not update their computer software regularly. There are a multitude of reasons, from lack of time to doubting the update’s necessity. Still, more often than not, the negative impact of attacks like Petya and WannaCry far outweigh the benefits of saving a few minutes.
Aside from regularly updating your software, the best way to arm yourself and protect your data against these crippling attacks is to utilize a third-party backup system in addition to the built-in programs that your computer comes with. The difference? The built-in backup software is just that – built-in – meaning that if the computer is affected, the backup (and your data) will be too. That’s why it’s so important to look into offsite, third party backup software such as CrashPlan, Archiware P5, or Acronis Backup, which offer multiple redundancies and therefore tighter security for your files. These are just a few examples of the several options you have to choose from.
Fortunately, unlike WannaCry, this version of Petya spreads itself internally, within networks, rather than externally. This appears to have slowed the growth of the malware, giving experts more time to work on a fix.
In the meantime, take this attack as a warning, but more crucially as a call to action. Take the time to update your software and research what may be the best third-party backup option is for you and your company. These are your first lines of defense – it’s time to protect yourself.
To learn more about May’s WannaCry attack and how to further protect your systems, read our article about it by clicking here.