Worldwide NotPetya Ransomware Outbreak using EternalBlue exploit

June 27, 2017 | SHARE >

A new and nastier ransomware outbreak has been detected and is spreading rapidly across the globe is using the same exploit as last month’s WannaCry.  This one is a variant of Petya which encrypts your whole disk and renders the computer completely useless.

If you have yet to install the Microsoft fix—MS17-010— you should do so immediately. Be extremely suspicious of all e-mails you receive, particularly those that ask the recipient to open attached documents or click on web links. You should also ensure that your backups are current.  If your business does not have a business continuity solution in place contact us today. Please remember and remind others to Think Before you Click.

UPDATE 6/29:
Analysts have determined that the Ransomware aspect of this threat is more of a smokescreen.  After monitoring this issue it appears to be cyber warfare in action.  As the affected machines do not have the chance to recover the files.  Several indicators reveal this:

  1. It never bothers to generate a valid infection ID
  2. The Master File Table gets overwritten and is not recoverable
  3. The author of the original Petya also made it clear NotPetya was not his work

This is significant as it shows how the topic of cyber security has moved from Tech to a CEO and Board-level business issue.

Petya Ransomware Attack – Windows Patch

Recent Blog Posts

  • blog-img

    Debunking Security Myths

    As technology continues to change and advance, keeping up with cybersecurity best...
  • blog-img

    Data Breach: 763 million unique email address exposed

    What data was compromised:Dates of birth, Email addresses, Employers, Genders,...
  • blog-img

    Scam of the Week: Sextortion

    An eerie and unnerving scam is taking the threat of blackmail to a new level. Regardless...
Call Us!