A major ransomware attack took place on Tuesday resulting in affecting some of the most-established firms worldwide, including government offices, banks etc.
The most severe damage is reported from Ukraine where the ransomware has brought most of the businesses to a close, including government offices, ATM machines, central bank, state telecom, municipal metro and the airport.
Now that the attack is spread globally, some of the British and North American companies have also reported about their systems being compromised with the attack. Many of the companies tweeted about being hit by the attack while some are still silent. The biggest cargo shipment company of the world, Maersk has confirmed that,
“The hacking attack could have led to serious consequences but neither the oil production nor the processing has been affected thanks to the fact that the company has switched to a reserve control system,”
Justin Harvey, the managing director of global incident response at Accenture stated,
“ Petya is really preying on organizations without proper patching hygiene of the Windows operating system”.
However, it is not yet confirmed who is behind this Petya ransomware and how it was spread. But it is somewhat similar to the WannaCry attack that hit the world last month.
Petya encrypts the files and data of a computer to a private key and makes it inaccessible until the data is decrypted. The hackers have demanded $300 in form of bitcoins in exchange of the decryption key.
The email address they have used for receiving the bitcoin wallet and installation key is a Posteo email address.
The German email service provider Posteo has confirmed that they have blocked the email. Well, this has blocked the way of businesses for receiving the decryption key even if they pay the ransom.
“We do not tolerate the misuse of our platform: The immediate blocking of misused email accounts is the necessary approach by providers in such cases,".
Since the attack has hit Windows PCs worldwide, it has become a prime concern for Microsoft. The company also has taken this challenge pretty seriously and has been working on resolving the problem as soon as possible.
In a statement, the company said,
“Our initial analysis found that the ransomware uses multiple techniques to spread, including one which was addressed by a security update previously provided for all platforms from Windows XP to Windows 10 (MS17-010). As ransomware also typically spreads via email, customers should exercise caution when opening unknown files. We are continuing to investigate and will take appropriate action to protect customers.”
Though the attack is reported from mostly six countries, but you can never be sure of being safe in this highly vulnerable IT world. Thus, follow the safety drill you already know, and connect to the internet as minimal as you can.