Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Petya ransomware impacting large organisations

Petya ransomware impacting large organisations in multiple countries.


This new strain of the Petya ransomware started propagating on June 27, 2017, infecting many organisations. Similar to WannaCry, Petya uses the Eternal Blue exploit to propagate itself.

What is Petya?

Petya has been in existence since 2016. It differs from typical ransomware as it doesn’t just encrypt files, it also overwrites and encrypts the master boot record (MBR).

In this latest attack, the following ransom note is displayed on infected machines, demanding that $300 in bitcoins be paid to recover files:

How does Petya spread and infect computers?

Petya propagates itself by exploiting the MS17-010 vulnerability, also known as Eternal Blue. Symantec continues to investigate other possible methods of propagation.

Who is impacted?

At time of writing, Petya is primarily impacting organisations in Europe.

Is this a targeted attack?

It’s unclear at this time, however, previous strains of Petya have been used in targeted attacks against organisations.

Am I protected from the Petya Ransomware?

Symantec Endpoint Protection (SEP) and Norton products proactively protect customers against attempts to spread Petya using Eternal Blue. SONAR behavior detection technology also proactively protects against Petya infections. Symantec products also detect Petya components asRansom.Petya.

What are the details of Symantec's protection?

Network-based protection
Symantec has the following IPS protection in place to block attempts to exploit the MS17-010 vulnerability:

OS Attack: Microsoft SMB MS17-010 Disclosure Attempt (released May 2, 2017)

Attack: Shellcode Download Activity (released April 24, 2017)

Antivirus

Ransom.Petya

Symantec is continuing to analyze this threat and will post further information as soon as it becomes available.


ends

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

'Irregular Accounting': Voluntary Suspension Of Fuji Xerox Govt Contracting

This suspension gives the Ministry of Business, Innovation, and Employment time to understand the full implications of the report from FUJIFILM Holdings into irregular accounting practices at FXNZ. More>>

ALSO:

MPI: Cow Disease Detected In NZ For First Time

MPI is responding to the detection of the cattle disease Mycoplasma bovis in a dairy herd in South Canterbury... The disease is commonly found in cattle globally, including in Australia, but it’s the first detection of it in New Zealand. More>>

South Island Flooding: Focus Moves To Recovery

As water recedes throughout flood-impacted areas of the South Island, Minister of Civil Defence Nathan Guy has praised the efforts of those who were involved in the response to the flooding... More>>

ALSO:

Superu Report: Land Regulation Drives Auckland House Prices

Land use regulation is responsible for up to 56 per cent of the cost of an average house in Auckland according to a new research report quantifying the impact of land use regulations, Finance Minister Steven Joyce says. More>>

ALSO:

Fund For PPP Plans: Govt Embraces Targeted Rates To Spur Urban Infrastructure

The government's latest response to the Auckland housing shortage will see central government and private sector firms invest in 'special purpose vehicles' to fund essential roading, water and drains that Auckland Council can't fund without threatening its credit rating. More>>

ALSO: