Latest Global Ransomware Attack Could Be the Worse Yet
Fallout from June’s attack could dwarf Wannacry’s
A ransomware attack like May’s Wannacry struck thousands of computers across the world on June 27, taking sensitive data hostage and demanding $300 in Bitcoin per terminal to release it. Incidents were concentrated in the US, Russia and Ukraine, but have also been reported in Britain, Romania, the Netherlands and Norway.
The malware, dubbed NotPetya, has disrupted operations at US hospitals, Russia's largest oil company and Ukrainian banks. The U.S. Department of Homeland Security is on high alert, monitoring the attacks.
“NotPetya is exploiting the same vulnerabilities as Wannacry,” Vaultize CTO and co-founder Ankur Panchbudhe said. “But its scale could be much larger, its monetary impact globally more painful, as it sweeps through the US and other Western countries as the day goes on. So far, there's no 'kill switch' like there was with WannaCry.”
According to the Reuters news network, the ransomware took down servers at Russia’s largest oil company, hijacked computers at U.S. Merck offices and wreaked havoc at Ukrainian banks and disrupted operations at the Danish shipping company A.P. Moller-Maersk, which manages 1 out of every 7 freight containers worldwide. Government agencies were also affected – Swiss terminals in India were hijacked.
Affected companies may have failed to heed warnings after Wannacry
NotPetya appears to be targeting the same or similar vulnerabilities leveraged by Wannacry last month, and many companies that took care to beef up IT and data security in its wake might be safe from today’s attacks.
Still, with over 80 companies and counting reporting problems, it’s clear that many didn’t act quickly enough or at all to safeguard their sensitive data and customer information. Petya is believed to have spread through phishing emails, so email security at affected organizations may also be lax.
Today’s ransomware, originally believed to be a variant of the Petya ransomware family, sports two layers of encryption that are frustrating researchers attempting to design a workaround for impacted businesses.
"There is no workaround to help victims retrieve the decryption keys from the computer," a representative at the Romanian security company Bitdefender said in a Reuters report.
Ransomware defense: endpoint back up and OS updates
Installing recent Windows patches designed to shore up weak points exploited by Wannacry may have kept some businesses safe from today’s attacks, but the best defense against ransomware attacks is endpoint backup.
By backing up data on all endpoints that may contain sensitive information, IT can simply roll back systems to versions before the malicious software gained entry. It’s a simple solution.
Read more about endpoint backup.
More about us
Vaultize is an innovative data security company that allows customers to track and control their documents from creation to deletion on any device, anywhere. From CYA to compliance, Vaultize provides data protection without restricting use. Vaultize’s platform utilizes DRM and encryption to secure any and every file, protect those files no matter where they travel, and provide visibility into who is accessing them and how they are being used. The Vaultize platform is nearly transparent to users, scalable and flexible to deploy. For more information, visit www.vaultize.com.