Today, an unknown number of high profile companies have come under attack from a vicious malware threat known as Petya Ransomware. The data-encrypting malware has reached a global scale quickly spreading to hit and disrupt computers across Europe with a strong focus on Ukraine.
So far, from many reports coming out of Europe, the attack is affecting websites based out of the UK, in addition to Norway, India, and Spain. Many of the attacked companies have reached out to their followers through social media to confirm that many or their networks have been compromised as part of a global hack. At least one major U.S. company, the Merck & Co. pharmaceutical company out of New Jersey, said on its Twitter account that it was affected as well.
What we suspect is fresh off of the heels of the famous and widespread WannaCry Ransomware attack a month ago, the Petya cyberattack is quickly spreading around the world starting with Ukraine and has reached several other countries in the past 24 hours.
Petya Ransomware Follows Footprints of WannaCry
Ransomware like Petya is known for infecting computers through various methods, either from their network, malicious spam email attachments, or malicious downloads from the Internet. Either way, no matter where Petya launched its attack method, it is following the dire path similar to that of when WannaCry targeted and infected as many as 230,000 computers in 150 countries around the globe a month ago. Currently, we are unsure if the Petya cyberattack will be as widespread as WannayCry. However, current activities indicate that Petya has the potential to be just as destructive or worse than WannaCry.
The US Computer Emergency Reediness Team, a subgroup of the Department of Homeland Security, has explained that they have received multiple reports of Petya Ransomware on networks around the world today and they are spreading fast. The Russian oil giant Rosneft energy company, the Dashinsh conglomerate A.P. Moller-Maersk, the UK advertising firm WPP, and countless other banks, airports, and government departments primarily in the UK are among the companies reportedly hit by the Petya cyberattack. The cyberattack has also hit the airport and metro network in Kiev with reports of various other firms out of Britain and Spain shutting down due to the attack.
The Ransomware Epidemic Appears To Be Invincible
Commonly, ransomware like Petya is a malicious program that infects a computer for the main purposes of extorting money. Most often, ransomware similar to Petya will infect a system, encrypt several files so they are no longer accessible, and then demand a ransom payment usually in Bitcoins cryptocurrency to allegedly provide a decryption code for the purpose of restoring all encrypted files. Reports have claimed that systems succumbing to the Petya Ransomware cyberattack are displaying a message demanding payment equal to about $300 (£235) in order to regain access to the encrypted files. We, along with a long list of computer security experts are advising victims of Petya not to pay the ransom.
Instead of paying the ransom demanded by Petya, victims of the widespread cyberattack and those who want to protect themselves from the aggressive malware are urged update all of their software. Although not confirmed as of yet, it is believed that the Petya cyberattack is leveraging an outdated software vulnerability. Simply updating your operating system and all running software may help eliminate the risk of being attacked by Petya and other sophisticated ransomware.