We advise all companies to update their Windows software, to check their security solution and ensure they have back up and ransomware detection in place.
Petwrap, dubbed as an advanced version of ransomware Petya, has targeted users across India and Europe and shipping, aviation and oil and gas companies have been hit in the UK, Russia, France, Spain and elsewhere.
In case you didn’t know about it until now, there is a ransomware attack that is quickly spreading throughout various countries in the world, such as the US, Russia, Spain, France or Ukraine.
The ransomware attack began in Europe, with Ukraine hit the hardest.
The ransomware virus includes code known as Eternal Blue, which cybersecurity experts widely believe was stolen from the US National Security Agency (NSA) and was also used in last month’s ransomware attack, named WannaCry. The key difference is that while WannaCry could only impact computers that it could crack with EternalBlue, which has been patched up in newer versions of Windows and was never even an issue in Linux or MacOS, Petya can affect nearly all x86 machine on the same network as a compromised system. However, the email provider has shut down that email address.
Variants of Petya differ from WannaCry in that it does not appear to reach out to the Internet and scan for vulnerable systems, said Paul Burbage, a malware researcher with Flashpoint, a cyberthreat analysis firm.
Among the companies reporting problems were global shipping firm Maersk, British advertising giant WPP, French industrial group Saint-Gobain and United States pharmaceutical group Merck.
The virus has also hit French construction materials company Saint-Gobain.
The firm, which has headquarters in a number of countries, including Ukraine, went on to say on Twitter that other organisations have also been affected and that it is investigating the matter and will provide additional information when it knows more about the situation.
The ransomware is demanding a payment of $300 in bitcoin to decipher the hacked files.
The Moscow-based cybersecurity firm Group IB estimated that the virus affected about 80 companies in Russian Federation and Ukraine. Microsoft issued a security fix in March, but Chris Wysopal, chief technology officer at the security firm Veracode, said it would only be effective if every single computer on a network were patched – otherwise, a single infected machine could infect all others.
Ukraine reported heavy disruption from the virus, with banks, companies and government agencies being affected. Ukrainian Deputy Prime Minister Pavlo Rozenko on Tuesday tweeted a picture of a computer screen warning in English that “one of your disks contains errors”, then adding in all capital letters: “DO NOT TURN OFF YOUR PC!”
If you regularly connect to a corporate or enterprise network using a virtual private network, it’s best to wait for the all-clear today.
“We have been taking proactive steps. we have sent out advisories (on the cyber attack and the malware)”.