It’s only been a month since WannaCry Ransomware swept across the globe, crippling government systems and major businesses. Now there is a new threat called Petya, which is causing similar damage across even more multinational businesses and government systems. As these attacks become even more malicious and more common, it’s important to take steps ensure you don’t fall victim to any form of Ransomware.
The latest ransomware attack, which has been named as Petya, has ravaged a score of multinational companies across the globe, even shutting down servers at Russia’s largest oil company. You’re probably thinking you have no hope in protecting yourself from an attack that can shut down a business of that size but you couldn’t be more wrong. Some of the simpliest and most common sense solutions will save you serious heartache.
Some of the first major companies affected by Petya Ransomware. (Source ABC News Australia)
- AP Moller-Maersk: oil and shipping, Denmark
- Mondelez International: food and drinks United States
- DLA Piper: International law firm, US & UK
- WPP: Advertising, London
- Merck: The second-largest drug manufacturer in the United States
- Rosneft: Russia's largest oil company
- Ukraine: power grid, banks, government offices and international airport
- TNT Express: Netherlands
Generally, these kind of ransomware attacks exploit system weaknesses, caused by poor security update management. Putting it simply computers, servers, and programs that haven’t had the latest software updates installed.
What to do if you have been Affected by Petya Ransomware.
As soon as your computer has been infected by ransomware, you will be notified by a large message across your screen, similar in context to the example below, finishing with a request for payment in Cryptocurrency, bitcoin is almost always the currency of choice.
"If you see this text, then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service"
The first and most important thing you need to do if you have been affected by any kind of ransomware is to not pay the ransom. There is no certainty that paying will unlock your computer and it also encourages the creators of ransomware to continue with these kind of attacks.
You should also isolate your computer from any network it is connected to. On top of this, if you know the source of the infection, for example, an email with an attachment or a file, notify anyone you think may have also received the email and make sure they delete it without opening it.
Depending on the exact ransomware you have been infected by, there are ways to get your data back. If the attack is brand new there probably isn’t a fix just yet, however you can remove your infected hard drive and wait for a decryption method to be developed, this does take a little while sometimes but it’s better than losing all your information. The below link is a very helpful guide that will help you get your data back if it has been infected by Ransomware and offers some great decryption software with good success rates.
How to Safeguard Against Ransomware attacks.
First of all, it is important to state that there are no ways that will guarantee 100% protection from ransomware. There are however ways in which you can significantly reduce the risk of being infected and becoming a victim.
One of the most important things you can do to prevent ransomware, viruses or malware attacks is to make sure your computer's Operating system is fully up to date. Windows, macOS, Linux, Android etc. On top of this, you should also make sure that all your programs and apps are as up to date as possible, this includes Antivirus, Anti-Malware, and Firewalls. These steps alone will drastically reduce your chance of falling victim to ransomware, as most attacks exploit weaknesses in older software versions, as was noted with both WannaCry and Petya.
Next and equally as important, is making sure you don’t open email attachments you aren’t sure of, especially word documents, pdfs and any .exe files. If you receive an email from an unknown address, delete it as soon as possible without opening it. You should also make a habit of scanning all emails with your security and antivirus programs, even if you are confident the file is ok.
So far the only good thing to come out of any Ransomware attack was in Australia, where the Government had to discard every speeding fine issued to drivers since the WannaCry attack, as WannaCry affected the entire countries fixed speed cameras!