INNOVATE has been made aware of another major ransomware incident currently spreading across the globe. The scale of the attack is being compared to the recent WannaCry outbreak.
How does Petya work?
The Petya malware attacks a computer’s MBR (master boot record), a key part of the startup system that contains information about the hard disk partitions and helps load the operating system. If the malware successfully infects the MBR, it will encrypt the whole drive itself.
The new malware appears to be using a combination of the EternalBlue exploit used by WannaCryptor for getting inside the network, then spreading through PsExec for spreading within it. This powerful combination is likely the reason why the outbreak is spreading quickly.
The single biggest point of failure that could render your organisation vulnerable is user behaviour, so please be extra vigilant while dealing with email messages. If you see any suspicious emails, please error on the side of caution and do not click on any links.
DO NOT open any suspicious email or attachment you were not expecting.
Please Ignore it, Report it and Remove it.
INNOVATE can advise you on the implementation of appropriate security measures that gives you effective security with advanced threat protection, quick detection, and dynamic containment that reduces the impact of a ransomware attack.
