Petya turns out to be a wiper malware

Petya turns out to be a wiper malware

You probably have heard about Petya Ransomware attack, which started to affect computer system in several countries including the United States of America, India, Russia and few European countries on 27 June 2017 was not a ransomware attack at all, but rather it was a WIPER Malware. This malware destroys the data of the hard disk it infects.

It was a targeted attack against the Ukrainian government, which took place on the eve of the adoption of its Constitution but spilled over to other connected countries. This malware is believed to be a part of the U.S National Security Agency cyber weapons toolkit that was stolen last year and exploits Windows SMBv1 vulnerability. The malware targets Microsoft Windows operating system, infecting the master boot record to execute its payload and encrypts the hard drive file system, thereby preventing it from booting the operating system. 

Several Companies in India too were affected by the Malware. Notably being Jawaharlal Nehru Port Trust, Mumbai which is nation’s largest container port.

Researchers have found that the encryption process begins after rebooting the system. So if your system was infected with the malware and tries to reboot, it's a good idea to not turn it on and instead recover your files using a System Recovery Disk.

Microsoft had released a patch for this vulnerability in March 2017. This incident again portrays that in a fight against securing our system, humans are still the weakest link. Security experts warn that Petya and other malware attacks will continue to proliferate as long as companies delay patching and fail to develop a robust response plan for dealing with ransomware infestations. 

So, what can we learn from Petya and take steps to safeguard our data in future? One simple strategy is to take periodic backups. These days several options are available for backing up your important files. You can use free cloud services such as Google Drive, Dropbox or OneDrive. Each gives you anywhere from 2GB to 5GB of storage for free and you can easily accumulate 10s of GB of storage for free. You could also invest in a Network Attached Storage. A NAS provides TeraBytes of storage at a low cost and is the cheapest cost per GB when compared to cloud services. 

One of the reasons why people are not as careful with their data is because it is becoming too hard to manage already and if you begin to add multiple cloud storage accounts and a NAS drive, it just becomes too hard to keep track of it all. This is where QuikFynd can save your day.

Quikfynd is an intelligent data search, organization and sharing solution that runs on your Windows PC or on your NAS. You can connect your cloud storage accounts to QuikFynd and instantly know where all your data is by just searching for it with a few keystrokes. It's like having a custom search engine that only searches your own files. And once you know where all your files are, you begin to feel more in control. Because next time, an attack like Petya comes along, you don't have to worry. Use QuikFynd to search for your important files and you may find that copies of your files are already stored on your NAS and/or cloud storage. 

References

  • https://en.wikipedia.org/wiki/Petya_(malware)
  • http://thehackernews.com/2017/06/petya-ransomware-wiper-malware.html
  • http://www.datacenterknowledge.com/archives/2017/06/30/wiper-malware-global-attack-actually-destroys-data/
  • https://krebsonsecurity.com/2017/06/petya-ransomware-outbreak-goes-global/
  • http://www.business-standard.com/article/economy-policy/petya-ransomware-attack-jnpt-other-indian-firms-affected-117062800329_1.html