Petya is a type of Ransomware attack. It has affected Windows OS. Petya is a family of encryption ransomware that was first discovered.
It finds all of your files and encrypts them and then leaves you a message. If you want to decrypt them, you have to pay. The ransomware encrypts data on the computer using an encryption key that only the attacker knows. If the ransom isn’t paid, the data is often lost forever.
The Petya attack chain is well understood. Here are the four steps in the Petya chain:
1. Prepare – The Petya attack began with a compromise of the Medoc application (malware delivered tool). As organizations updated the application, the Petya code was initiated.
2. Enter – When MEDoc customers installed the software update, the Petya code ran on an enterprise host and began to propagate in the enterprise.
3. Traverse – The malware used two means to traverse:
- Exploitation – Exploited vulnerability in SMBv1.
- Credential theft – Impersonated any currently logged on accounts (including service accounts).
Note: That Petya only compromised accounts that were logged on with an active session (e.g. credentials loaded into LSASS memory).
4. Execute – Petya would then reboot and start the encryption process. While the screen text claimed to be ransomware, this attack was clearly intended to wipe data as there was no technical provision in the malware to generate individual keys and register them with a central service (standard ransomware procedures to enable recovery).
Avoid Petya attack:
1. Don’t slack on social media security
The best defense is to have a great offense when it comes to preventing ransomware attacks. Your offense can start with your social media accounts. Make sure your profiles are private and only share them with people you actually know.
“Don’t share too much personal information, especially in your biography or personal details areas,” Jason Bradlee, executive vice president and head of security at Fujitsu America Inc., told CNET. “It’s easy for cybercriminals, stalkers, and people, in general, to get addresses, phone numbers, dates of birth, etc. from these places both within the site, like Facebook, LinkedIn, and Twitter, as well as from Google or Bing.”
2. Be careful with your emails
IT service providers report that 46 percent of the ransomware attacks they observed were caused by email or phishing scams.
“The most common form of social engineering, phishing emails work so well because the attackers are getting better at masking their intentions”.
An email may also be shifty if it asks you to:
- Reset your ID
- Reset your password
- Provide them with the account or personal data
- Open a new web browser tab or window and go directly to that site to make change
3. Don’t brush off passwords
Yeah, passwords are a hassle, but they are a key way to thwart hackers. Make sure your passwords are complex to protecting your data. “Also, changing your passwords completely (meaning not just one character, but the entire password) every couple of months will help keep the bad actors guessing and your data that much safer”.
4. Keep your Windows updated
Petya (malware that mimicked a ransomware attack) and WannaCry both used vulnerabilities in computers that hadn’t updated their Windows operating system. New updates are regularly released to shore up holes that hackers may use to attack a computer system. You need to ensure your computer is updating as soon as these patches are released.
With Windows 10, updates will install automatically. Older versions may need to be manually switched on.
It’s appropriate time to make some plans for the future and it is time
to be happy. I have read this post and if I could I
desire to suggest you few interesting things or tips.
Maybe you can write next articles referring to this article.
I wish to read even more things about it!
For most recent news you have to go to see internet and on the web I found this
website as a best web page for most recent updates.
I appreciate, result in I found just what I was having a look for.
You’ve ended my 4 day lengthy hunt! God Bless you man. Have a great day.
Bye
Neat blog! Is your theme custom made or did you download it
from somewhere? A design like yours with a few
simple tweeks would really make my blog jump out. Please let
me know where you got your design. Many thanks
Hi there! Someone in my Myspace group shared this website with us so I came to give it a look.
I’m definitely loving the information. I’m book-marking and will be
tweeting this to my followers! Fantastic blog and excellent design.
If you desire to grow your familiarity only keep
visiting this website and be updated with the most up-to-date news posted here.
Awesome post.
Hi there! Would you mind if I share your blog with
my zynga group? There’s a lot of folks that I think would really appreciate your
content. Please let me know. Thanks
Its like you read my mind! You seem to know a lot about this, like you wrote the book
in it or something. I think that you can do with some pics to drive the
message home a bit, but other than that, this is great
blog. An excellent read. I will definitely be back.
I like the helpful info you supply on your articles.
I’ll bookmark your blog and test again right here regularly.
I am quite certain I’ll be told lots of new stuff proper right here!
Best of luck for the next!