Businesses and institutions were victimized by a new and more menacing global malware attack. The perpetrators used the Petya ransomware worm to carry out the cyber attack starting on Tuesday morning.
It is now believed that the Petya ransomware was just some kind of cover for the real culprit. Underneath the Petya is a kind of malware now being dubbed by some as "NotPetya" and "Goldeneye." Petya is originally an older version of the said malware and the new one that's wreaking havoc around the globe is said to be a new strain of the malware.
The Petya cyber attack crippled companies by locking down or freezing their computers. This was done by targeting vulnerable Windows Server Message Block, a service utilized for file and printer sharing across local networks. Petya was also spread through Microsoft PsExec.
The Petya ransomware rapidly spread from Ukraine to other companies in Europe via enterprise networks. The speculation is that the ransomware spread via foreign companies with subsidiaries or operations in Ukraine. The Petya apparently traveled "upstream" via corporate VPNs to central servers and then to computers with Windows. According to Tom's Guide, there is also proof that Petya spread through infected email attachments but this has yet to be looked upon more closely.
To stop Petya from spreading, people should download the patch created to deal with this latest cyber attack. Users should also have the latest version of Microsoft Windows. Those with Windows that updates automatically are safe from the attack. CNET has a list of the links where users can download security updates necessary to stop Petya from affecting their computers and spreading further. It is also important to have an updated antivirus software and to avoid opening attachments from unknown sources. It is also vital that users keep a backup of their files especially the important ones. In the event that Petya infects their computers, they will still have access to their files.