Petya Ransomware attack: How to defend against it

Following the WannaCry ransomware fiasco, the Internet has been hit by another piece of ransomware called Petya. However, this nasty worm seems to be primarily targeting business and enterprise infrastructure in Europe. The attack was believed to be specifically targeted at Ukraine, but it gradually clawed its way to neighboring nations as well. Below is a handy list of guidelines that you should follow to defend against the Petya ransomware attack:

  • To begin with, make sure you have all the latest security patches installed on your system, as a fully patched Windows PC is better equipped to defend itself.
  • An updated, robust anti-virus is also a solid option to curb the threat.
  • There are also a few pointers to keep in mind that can be effective in dealing with Petya. For instance, if your system tries to shut down on its own, stop that from happening, as Petya needs to reboot to take control of your system.
  • Another method is to place a read-only file called ‘perfect’ in your Windows directory. This has also been found effective in dealing with Petya, except on systems running Windows 7.

The above guidelines should be an effective way to minimize the threat. Besides, having a solid anti-virus on board along with the latest security patches installed is of utmost importance.

Origins of Petya

It all began with an innocuous software update for the Ukrainian company MeDoc, a financial services firm whose software is used by all major business institutions in the country. Hackers then tried to force their way into MeDoc’s update servers to install their malicious code. And it was just a matter of time before all major enterprises in Ukraine became rather easy targets, as it’s a mandatory requirement for all business organizations in Ukraine to have MeDoc’s financial software installed on their PCs.

As a matter of fact, Petya has been regarded as such a severe threat in Ukraine that even the Chernobyl nuclear power plant had to be shifted to manual mode to avoid any mishaps. Besides, banks, airports, and railway networks have also been victims of Petya.

It’s also worth noting that only Windows systems logged into an enterprise network appear to be the target, as there have been no reports of Petya ransomware on any systems running Mac, Linux, Ubuntu, or Android. Also, Petya seems to be targeted specifically at the enterprise level, hence home users do not have much to worry about for now.

Being a full-fledged ransomware, the first thing Petya does once it gains access to a system is to lock up the Master Boot Record, which essentially affects the system’s ability to start up as it would under normal circumstances.

Meanwhile, security experts are still trying to figure out the motive behind the attack. Some believe that the intent behind the Petya ransomware attack is to create confusion and havoc, while others believe it could be a political agenda, going by the current state of affairs between Ukraine and Russia, which is apparently not healthy.