Yet another ransomware attack is spreading across the globe hitting Russia, Europe, and the U.S. Thus far there are confirmed reports of the virus hitting Ukrainian ministries, radiation monitoring at Chernobly nuclear facility, metro systems, and banks. A number of large companies like the Russian energy company Rosneft has also reported being hit.
Ukrainian vice prime minister Rozenko Pavlo tweeted an image of a computer that has been infected with the ransomware.
In the United States the pharmacutical company Merck confirmed its global computer networks had been hit as did lawfirm DLA Piper.
Symantec has reported that this ransomware is also using the same hacking tool, Enternal Blue, that was used in theWannaCry ransomware attacks. The tool was created by the National Security Agency (NSA).
The New York Times wrote:
The attack is actually “an improved and more lethal version of WannaCry” according to Matthieu Suiche, a security researcher who helped contain the spread of the WannaCry ransomware last month when he created a “kill switch” that stopped the attacks from spreading.
The vulnerability used by Eternal Blue was patched by Microsoft last April but many organizations have failed to apply the patch.
ITonDemand & Petya
We are happy to report that to our knowledge all our clients who use our basic services avoided the Petya attack. We were able to provide protection via patching, backup, antivirus, and disaster recovery.
If you have not, make sure to update your computer this week and be wary of email attachments. Learn more about ransomware or contact us to carefully plan and execute a comprehensive security plan to mitigate the risks ransomware presents.