What’s Petya? Only the latest in a series of cyber attacks using ransomware – a bug that encrypts user files until you pay the ransom.
Petya (and its immediate successor NotPetya) follow in the footsteps of WannaCry, which held 230,000 computers hostage in May 2017. Both WannaCry and Petya use info stolen from the NSA to breach security and spread through companies’ internal systems.
While the newest ransomware attack was focused in Ukraine, it has also spread across Europe and into the U.S. Businesses should be aware of this problem and take preventative measures to protect themselves and their customers.
If you get hit with Petya ransomware (or other malware), your whole data library is in jeopardy. Make sure you’re creating secure backups frequently, and keep backups on a completely separate drive.
Unaware employees are the entry point for malware. Employees MUST use their email services with care – both company and personal. Simple preventative steps include:
The easiest way to stop malware from spreading is to completely unplug the infected machine ASAP. This includes all power and network connections. Once it’s contained, you can talk next steps.
Make sure your employees know what an infection looks like so they can take immediate action.
Depending on your systems, servers, and setup, you may need to take additional preventative steps. Your IT firm should be familiar with your systems and can provide proper guidance.
Ransomware is particularly nasty because you have two options: pay the ransom or lose your data. Ransomware encrypts your files in a way that they simply can’t be unencrypted without the proper key. Only the malware creator has that key.
If you have backups, you have a third option – pay nothing AND keep your data. This sounds like the best option to us.
Lots of businesses have been hit by Petya in the last day. And we’re not talking small businesses – we’re talking major law firms, banks, oil giants, and shipping and transport companies from multiple countries. The current casualty list includes:
Make sure you stay off this list – keep backups, make sure employees are aware of the issue, and talk to your IT firm about additional safety measures.