Security Threat – Petya Ransomware Campaign

Just a few weeks after the WannaCry ransomware attack that made a lot of noise in the news and affected various organizations globally, a new threat appears to be spreading quickly.

Multiple reports of Petya ransomware infections occurring in networks in many countries around the world have been reported. Similar to WannaCry, Petya uses the Eternal Blue exploit to propagate itself. Petya has been in existence since 2016. It differs from typical ransomware as it doesn’t just encrypt files, it also overwrites and encrypts the master boot record (MBR), making affected machines unusable. Reports indicate that the ransomware exploits vulnerabilities in Server Message Block (SMB).
 
Attached is an Emerging Threat Report from our partner and leader in Security with the largest Cyber Intelligence, Symantec, to enable you to better understand the Petya Threat.
 
As a reminder and general rule, a good cyber hygiene and security policies & procedures are extremely important within your organization and ensuring  the following among others: 

• Latest Windows security updates have been applied
• Symantec Endpoint Protection properly configured and updated
• IDS/IPS signatures deployed following recommendation by the vendor
• Create Cyber Security Awareness for employees
• Log Collection, Monitoring of Events and Incident Management

 At Birger, we are at your disposal 24x7 in our Cyber Defense Center powered by Symantec. We want to make sure that you are protected and prepared to predict, prevent, detect and respond to the emerging threat landscape. 
 
Click here to download the Emerging Threat Report

For more information on the topic and our Cyber Security Solutions & Services, please contact us by mail security@birger.technology.

BIRGER.