New ransomware attack similar to Wannacry spreads globally
“New global ransomware attack”. This is the message that has been trending on Twitter in the last hours, accompanied by the hashtags #Ransomware and #Petya. A new type of WannaCry on a global scale is attacking businesses all over the world. And, just as in the previous international attack, computers are blocked, while a screen tells the user that their computer will not work until they pay a ransom of 300 dollars in bitcoins.
The new ransomware attack is affecting users across the globe especially in Ukraine and Russia, where several banks, transport and oil companies have suffered the consequences. However, there is also evidence of companies in Spain, UK, USA and other territories that are victims of this wave of attacks.
“Rumors spread fast on the Internet so it is advisable to keep calm and not believe everything that is read on social networks. Therefore, in the event of any eventuality, it is best to ask the system managers if the protection measures are up to date or wait for the IT services of the company in which you work give you some indication. In the meantime, if you want to be informed about how the consequences of the attack evolve, it is important to go to reliable sources, media or companies in the cybersecurity sector, “warns Hervé Lambert, Global Retail Product Manager at Panda Security.
How does the new ransomware work
This new ransomware is a variant of the Petya family, and runs on computers by encrypting certain files, while blocking the boot sector of the compromised system. This prevents the user from accessing their own computer unless they enter an access key, after having paid the ransom, which restores the operating system, as if nothing had happened.
New functionality in this Petya variant is this new cyberattack is able to reboot the PC to show what looks like a ‘chkdsk’ process but is actually encrypting the files on your hard drive. Once all your files are encrypted the PC will then display a DOS-like ransomware screen with the increasing familiar “Ooops, your important files are encrypted” message.
The attack may cause a complete shutdown of the operating system
The attack, which has forced several European banks to suspend their activity, has also hit public services, as in the case of the Ukrainian Government. The Government’s website of this country has experienced several problems.
It is highly recommended to check that the security programs are upgraded, the latest protection features are enabled, updating the operating system and you must also check if the Firewall is enabled.