What’s Petya? Only the latest in a series of cyber attacks using ransomware – a bug that encrypts user files until you pay the ransom.
Petya (and its immediate successor NotPetya) follow in the footsteps of WannaCry, which held 230,000 computers hostage in May 2017. Both WannaCry and Petya use info stolen from the NSA to breach security and spread through companies’ internal systems.
While the newest ransomware attack was focused in Ukraine, it has also spread across Europe and into the U.S. Businesses should be aware of this problem and take preventative measures to protect themselves and their customers.
How to shore up your business against Petya ransomware
If you get hit with Petya ransomware (or other malware), your whole data library is in jeopardy. Make sure you’re creating secure backups frequently, and keep backups on a completely separate drive.
2. Educate employees on email use best practices
Unaware employees are the entry point for malware. Employees MUST use their email services with care – both company and personal. Simple preventative steps include:
- Make sure you know the sender before opening an email (look closely! Malware disguises itself with familiar names – think email@example.com instead of firstname.lastname@example.org).
- ONLY click an email link if it’s from a trusted source
- DO NOT click or download suspicious items
- Notify an appropriate party if you receive a suspicious email
3. Provide a company-wide emergency plan in case of infection
The easiest way to stop malware from spreading is to completely unplug the infected machine ASAP. This includes all power and network connections. Once it’s contained, you can talk next steps.
Make sure your employees know what an infection looks like so they can take immediate action.
4. Consult your IT firm for company-specific next steps
Depending on your systems, servers, and setup, you may need to take additional preventative steps. Your IT firm should be familiar with your systems and can provide proper guidance.
What do I do if my company gets hit?
Ransomware is particularly nasty because you have two options: pay the ransom or lose your data. Ransomware encrypts your files in a way that they simply can’t be unencrypted without the proper key. Only the malware creator has that key.
If you have backups, you have a third option – pay nothing AND keep your data. This sounds like the best option to us.
Bonus: Which businesses have been affected so far?
Lots of businesses have been hit by Petya in the last day. And we’re not talking small businesses – we’re talking major law firms, banks, oil giants, and shipping and transport companies from multiple countries. The current casualty list includes:
- WPP – UK advertising firm
- Saint-Gobain – French construction materials company
- Evraz and Rosneft – Russian steel firm and oil giant
- Maersk – international Danish shipping company
- Chernobyl radiation monitoring system
Make sure you stay off this list – keep backups, make sure employees are aware of the issue, and talk to your IT firm about additional safety measures.