Petya Ransomware Attack : Latest Trend/Deadly Threat?
With the rise of technology, there has always been turning tables from its existence. Due to this, even our desires are expanded, objects are replaced, and priorities are changed. Even the definition of our valuable things has been fully revised.Previously, we valued people more but now it is data, which is valued more. Thus, the data is more vulnerable than people for being exploited. As a concept of big data, various wrongful activities rotate around data sector.One such activity is Petya Ransomware attack which we will be discussing in this article.
Petya Ransomware Attack
Petya is a name given to a family of ransomwares which were first discovered in 2016. It attacks the Microsoft Windows-based systems by infecting the Master Boot Record in order to execute a payload that encrypts the NTFS file table. Petya Ransomware is different from WannaCry Ransomware, as it does not encrypt the files, but stops the whole hard drive access by encrypting Master File Table (MFT), overwriting the boot loader and then triggering a restart. Due to this, the file system of PC becomes unreadable and fails to boot Windows. Some of its versions encrypt both files as well as MFT due to which one cannot access their data. Even if Petya Ransomware is different from Wannacry Ransomware in its working, the mode of payment of Ransom is the same which is by using bitcoins.
Petya Ransomware Attack and Its Forms
Petya Ransomware also takes advantage of the same vulnerability used by WannaCry Ransomware, i.e. EternalBlue. However, it has a much more sophisticated code. Petya is also using EternalRomance vulnerability, which had been leaked by NSA. It customs an open sourced tool, i.e. Minikatz to get the credentials of network’s administrator. After that, it spreads across the network by using PsExec and WMIC tools. Therefore, even if just one PC is affected, it can compromise the entire network.
The following discussion takes you over a collection of information specifying about – Petya Ransomware, its consequences, and measures of prevention to be taken against it.
Victims or Targets of Petya Ransomware Attack
When everyone fails, we approach to the technology, so do the culprits. Thus, the goals of such attacks could be anyone. However, the specific set of user’s groups which are usually soft targets are Home Based Users, Law Enforcement Agencies, Businesses/Enterprises, Government Agencies, Academic Institutions, Small Scale Business/Self Employed, Industrial Businesses, People, Financial Institutions, etc.
Pay Otherwise Loss Your Data
Everyone would be a victim as far as the Petya Ransomware is concerned. However, once caught in the state, no way with which one can escape from it if the measure of precaution has not been taken before.
Regarding the attack there are some statements as mentioned:
- The encrypting level of MFT used in Petya Ransomware Attack is dense.
- To get back lost data, one has to pay Bitcoins for the Petya Ransom demanded.
Note: The consequences of the Petya Cyber Attack can be prevented with some protective measures.
Common Points of Entry
There is nothing free in the world including viruses, as you have to ultimately pay a price for it to end up. Petya Ransomware is never forced upon a user. It occurs as a result of user’s carelessness. Lack of awareness about usage policies of internet results in such situations. The ways in which a normal Internet user can end up as a victim of the Petya Cyber attack are:
- Websites infected with free media download, malicious pop-ups, free software, malware links, etc.
- Mails embedded with infected attachments, faulty URLs, etc.
Measures to Safeguard Your System from Petya Ransomware Attack
- Backup: Make sure to have a complete backup of your data on any external device or on the cloud. It should be regularly updated.
- Verify Attachments in Mails: Authenticate not only email messages but its attachments as well before opening or downloading it. Since emails with infected attachments can lead to ransomware attacks.
- Verify Hyperlinks: Confirm the authenticity by just hovering the cursor over the link and check the URL linked to it before clicking.
- Enable Settings of Firewall: Keep the settings of Windows Firewall enabled to protect your PC from spyware, malware or other malicious components.
- Enhance Settings of Browser: Check that your browser is proficient enough to identify as well as scan compressed or archived files before downloading.
- Inactivate Windows Script: Windows Script Host is a possible threat in cases of Petya Cyber Attack. So disabling it, is the best preventive measure.
- Strong Password Practice: Utilization of combination of numerous characters for creating passwords is intensely suggested to safeguard brute-force success.
- Restrict Setting of AutoPlay: The medium of Petya Ransomware attacks have evolved that comprises USB drives thus, disable AutoPlay.
- Disable Idle Connections: Make sure those connections such as WiFi or Bluetooth, which are unused are disabled. Therefore, no one can deduce them, and attack your privacy.
- Implement Restriction Policy of Software: Avoid files that are executable from being automatically run by redefining the restriction settings of software on the machine.
The Final Words
With the correct knowledge of usage policies as well as measures of the Internet to keep, the continuity of business is the only technique, which can help various users to defend themselves from such attacks. Thus, it is necessary to be aware of the precautionary steps required for preventing the situation. The precautionary steps to prevent data loss due to Petya Ransomware Attack is to store the data it in Cloud or any third party servers.
