The ‘Petya Virus’: A Cyberattack That Had The Digital World Crippled
Some know it as one of the worst cyberattacks in history; others describe it as ransomware that destroyed the digital infrastructure of companies of all sizes. The ‘Petya’ virus is a cyberattack that spread quickly through the US and Europe, destroying a lot of digital infrastructure that had been considered ‘stable’ up to that point.
The Petya cyberattack caused major damage at large corporations, including the advertising giant WPP, the French construction materials company Saint-Gobain, the Russian steel firm Evraz, and Rosneft.
The Petya Cyberattack: What Is It And How Did It Start?
The name “Petya” reflects its resemblance to an older type of ransomware that once existed. However, this version of the cyberattack is a lot more complicated and serious.
In case you haven’t heard the term ‘ransomware’ before, it is a type of malware that blocks all access to a computer and demands a sum of money to release the blockage. The Petya virus is of that type: it infects a computer, encrypts documents and files, and then demands payment (typically in Bitcoin) in exchange for unlocking them.
It all started when the attack was seeded through a software update mechanism in the Ukrainian government, affecting many organizations, including the government, banks, state power utilities and even the metro system in Kiev, the capital.
The reason why Petya and many other ransomware attacks target large corporations is obvious: their budgets and profits. The price for ‘unblocking’ one computer hit by the Petya cyberattack is usually $300, a cost that piles up when multiple devices are affected by the virus.
How Does The Petya Cyber Virus Actually Work - And How To Protect Against It?
One of the things that makes the Petya virus very serious is the mechanism through which it operates. For example, on every infected computer the virus tries two options, using the EternalBlue vulnerability in Microsoft Windows, and chooses the one that works to block the machine.
The ransomware infects a computer and then waits for about an hour before automatically rebooting the machine and encrypting the files during that time. The best way to prevent the files from being encrypted is to try to rescue them from the machine while it is rebooting.
However, if the system reboots with the ransom note, there is nothing more to do at this point. And in case you are thinking about paying, you should know that the ‘customer service’ email address has been shut down, so there is no way to get a decryption key to unlock your files. This was done to prevent more attacks and lock down the Petya ransomware.
A Final Word
Even though most major antivirus companies now claim that their software has been updated to detect the Petya ransomware, it goes without saying that you need to be careful and always keep your Windows up to date. Only that way can you escape this serious cyberattack and keep your files safe.