While the world was still recovering from the damage done by
the infamous WannaCry ransomware, another showman made its entry: the Petya
ransomware.
Petya has targeted computer servers all across the globe,
including Europe, India, France, Russia and Ukraine, using encryption to lock up
the data behind enterprise services in the corporate sector.
How does Petya work?
Petya doesn't just encrypt files like traditional
ransomware; it also overwrites the Master Boot Record. This renders the target
machine unusable and prevents any successful attempt to recover
information from it.
Are you infected?
Follow these steps:
1. Don’t ever pay the ransom. Even after throwing away a
huge amount, you are unlikely to regain access to your files. The email account used
to manage ransom demands, in such cases, gets blocked, so the attackers' only known
channel for communication has, at the moment, been rendered useless.
2. Make sure that you keep a copy of the phishing email
received from the attackers and provide it to the police, as it helps with
their investigation.
3. Disconnect infected devices from the internet. If the
infected device is part of a network, isolate it as soon as possible, to
prevent the spread of the virus to other nodes in the network.
4. You can then format the hard drive, reinstall the
operating system and apps, run any available updates and, finally, restore the
locked files from your backup device.
Safeguard your systems from Petya
Follow these steps:
1. Keep all applications and the operating system up to
date. If you are offered the option of automatic updates by your device, take
it.
2. Keep your data backed up, and create two copies: one in
the cloud and one on physical storage. It is then easy to retrieve those files even
if you are affected by ransomware. Use robust security products to protect your
system from all threats, including ransomware.
3. Do not use high-privilege accounts (accounts with
administrator rights) for daily business.
4. Even if trusted parties like banks send you suspicious or
unexpected emails, do not click on the attachments or the links.