Petya Ransomware Attack: What It Is and How to Protect Your PC
The Petya Ransomware Attack has hit crippling operations in companies across Europe, Ukraine, Russia and the US.
The malicious software has locked up computer data and crippled services in the corporate sector with Ukraine and Russia emerging as the worst affected.
This becomes the second ransomware attack in two months after the WannaCry attack that wreaked havoc on 300,000 computers globally.
What is Petya Ransomware?
Petya Ransomware is malicious software that infects the system and encrypts the files such that the user cannot access them without a decryption key.
In simpler terms, it locks users out of their systems such that their screens feature a ransomware note that cannot be skipped.
It is the latest wave of cyber-attacks that have been described as bearing some similarities to the WannaCry attack. However, cyber security experts warn that the latter appears to be much worse.
The two are different in that Petya has multiple methods of spreading making it a lot more complicated. It appears to take advantage of multiple vulnerabilities and is able to spread more broadly.
Also, it not only encrypts files but also locks them.
According to Kaspersky, it is possible that Petya is a variant of Petya.A, Petya.D, or PetrWrap.
How does it hit?
Reports indicate that emails are one of the easiest channels that the Petya ransomware can enter a system. It is believed that the malicious software comes hidden in a harmless –looking document sent via email.
Some cyber security experts have suggested that the ransomware comes hidden in a Word or PDF document. These documents come with a bad instruction that attacks the computers operating system, thus taking over the entire system.
Once users open the instruction, it freezes their computers until a set ransom is paid in bitcoins.
What is the first sign that you have been hit?
You will not be able to access your files and your screen will feature the image below:
How do I protect my PC against Petya ransomware?
First, it is always prudent to have an updated antivirus.
Major antivirus companies claim that their system is updated and can detect Petya infections.
It also helps to keep your windows up to date to ensure the system is not vulnerable. Always turn on updates.
The third tip is to always back up important files. This is especially important since no one can assure 100% immunity from ransomware attack. Also, users cannot be assured that they will recover their data unless they have a backup.
The last tip is to exercise caution when opening emails and attachments. If you were not expecting an email or you are not familiar with the sender, do not open it or exercise precaution when doing so.
A tweet from a user by the name @hankerfantastic suggests that when a system is in the process of rebooting, a user should power off their PC. Below is his full tweet:
“If machine reboots and you see this message, power off immediately! This is the encryption process. If you do not power on, files are fine.”
This, however, contradicts some reports that indicate that powering off the PC cannot stop hackers from accessing your personal files.
Bottom line is that much emphasis is placed on the importance of having a backup.