Tuesday 27th June 2017 saw reports of another cyber infection spreading globally, this time possibly with the intention of destroying data. The source is believed to be a piece of Ukrainian tax filing software known as MEDoc, although the company have denied this. The software was believed to be a variant of the Petya malware which was discovered in 2016, although this time it was intent on destruction, not making money, as there was actually no way of paying any ‘ransom’.
The most effective method of prevention from these attacks is to ensure that you have some sort of anti virus/anti malware software on your machines, and most importantly ensure it is up to date.
Below: Note displayed on computers infected with the Petya ransomware (credit: Symantec)
Microsoft have released updates, delivered automatically to all their free anti malware products, including Windows Defender Antivirus and Microsoft Security Essentials. Windows Defender ATP (Advanced Threat Protection) automatically detects behaviours used by this new malware, and other cyber attacking variants so will not need any special update.
Symantec‘s Endpoint Protection (SEP) and sister brand Norton products proactively protect customers against attempts to spread Petya using Eternal Blue, using their SONAR detection technology. Read their blog for more info.
Kaspersky‘s Security Network and System Watcher software also protects against the threat of Petya, users should follow the link to their blog for more info.
Avast have a free anti malware program which can be downloaded at their website, link to a special page on Petya here.