Worldwide NotPetya Ransomware Outbreak using EternalBlue exploit

June 27, 2017 | SHARE >

A new and nastier ransomware outbreak has been detected and is spreading rapidly across the globe is using the same exploit as last month’s WannaCry.  This one is a variant of Petya which encrypts your whole disk and renders the computer completely useless.

If you have yet to install the Microsoft fix—MS17-010— you should do so immediately. Be extremely suspicious of all e-mails you receive, particularly those that ask the recipient to open attached documents or click on web links. You should also ensure that your backups are current.  If your business does not have a business continuity solution in place contact us today. Please remember and remind others to Think Before you Click.

UPDATE 6/29:
Analysts have determined that the Ransomware aspect of this threat is more of a smokescreen.  After monitoring this issue it appears to be cyber warfare in action.  As the affected machines do not have the chance to recover the files.  Several indicators reveal this:

  1. It never bothers to generate a valid infection ID
  2. The Master File Table gets overwritten and is not recoverable
  3. The author of the original Petya also made it clear NotPetya was not his work

This is significant as it shows how the topic of cyber security has moved from Tech to a CEO and Board-level business issue.

Petya Ransomware Attack – Windows Patch

Recent Blog Posts

  • blog-img

    CG PII Protect Security Training now avaliable

    We are pleased to announce a new service for our customers to help with protecting your...
  • blog-img

    Seven Chromebook Myths Debunked

    Chromebooks are great computing devices for today's most common activities.  They make...
  • blog-img

    World Password Day – First Thursday of May

    Today is World Password Day which occurs the first Thursday of May each year. We all hate...
Call Us!