Petya ransomware outbreak: Here’s what you need to know


As you may have heard in the news, a new ransomware outbreak is spreading, primarily through Europe. This one is called Petya, and it is fairly similar to WannaCry: it spreads through the same Windows vulnerabilities that WannaCry used. The initial attack vector appears to have been an infected Excel document.

Everything we did (and do) to protect our customers from WannaCry will help block this threat. All machines have been patched to remove the Microsoft vulnerability, our antivirus signatures will detect it, and our FortiGate firewalls will stop it as well. Other than the usual best practices (don’t open suspicious attachments, don’t click on suspect links), there is nothing our customers need to do.

Tech Detail: While this is a worm variant of ransomware like WannaCry, it doesn’t just encrypt the likely ‘important’ files on the computer. It also encrypts the master boot record, and reboots the system every hour, making for a partial denial-of-service issue as well.

For “casual” reading:
https://www.symantec.com/connect/blogs/petya-ransomware-outbreak-here-s-what-you-need-know
https://blog.fortinet.com/2017/06/27/new-ransomware-follows-wannacry-exploits
https://blog.kaspersky.com/new-ransomware-epidemics/17314/