The latest nemesis for Windows users around the world is the dangerous Petya ransomware attack, which has affected regions including the United States, Europe, and Ukraine. Ukraine has officially been declared the region most severely affected by the Petya ransomware and termed the ‘epicenter of the attack’.
Ukraine’s most crucial infrastructure, including banks, transport, airports and even the Chernobyl power plant, was affected; the plant later shifted its radiation-sensing systems to manual in response to the critical situation.
Unlike the WannaCry ransomware attack, which initially hit Windows users last month and asked them to pay a ransom in order to decrypt their data, the Petya ransomware attack is much worse and more lethal: once a system is affected by the ransomware, there is only a meager chance that the machine can ever be decrypted.
What is Petya Ransomware attack? How is it different from WannaCry Ransomware attack?
Petya ransomware is not unfamiliar to the online world, and it is certainly not a new name on the internet. Back in March 2016, the creator of Petya, who goes by the username Janus on Twitter, introduced the code, but no significant damage was done, and the creator later went silent after December of the same year.
But surprisingly, Janus has become active again and recently posted a tweet about the latest Petya ransomware attack:
— JANUS (@JanusSecretary) June 28, 2017
The machines which are affected by the Petya Ransomware would receive a notification similar to this:
This image is taken from a tweet by Leon Compton, who earlier informed the world about the affected systems at the Cadbury chocolate factory in Tasmania.
— Leon Compton (@LeonCompton) June 27, 2017
So, No Biggie Here. I’ll Just Pay The Ransom & Everything Would Be Back To Normal, Right? Wrong!
While you may think that $300 worth of Bitcoin is a meager ransom in exchange for your precious data, the downside of Petya is that the payout methods are insanely complex. Moreover, the official email address shown in the ransom prompt was already shut down as news of the malware attack made headlines all over the world.
The Petya Ransom Amount Must Have Crossed Millions By Now, Right? Well, Not Really
At the time of writing, the Bitcoin wallet associated with the account has only accumulated close to $10,000, which is peanuts considering the magnitude and criticality of the ransomware attack.
So, If Money Was Not The Objective Behind The Petya Ransomware Attack, What Was?
This is where things get immensely confusing and arouse great suspicion: why was the attack initiated if money was not the objective? Were the attackers trying to harm Ukraine’s infrastructure through this rogue cyber attack? Well, this question was discreetly answered by the Poland-based security researcher who was intimidated by Janus himself in his earlier tweets:
— JANUS (@JanusSecretary) June 28, 2017
To which Hasherezade responded with some remarks that presumably indicate the hidden motive behind the attack:
so, my favorite (threat) actor is back 🙂 I was waiting
— hasherezade (@hasherezade) June 28, 2017
before you jump into the conclusion that current #Petya is a state-sponsored disruption you must understand Janus. he loves fame 😉
— hasherezade (@hasherezade) June 28, 2017
So, with money removed from the equation, the ultimate motive of the Petya ransomware attack is to wipe out users’ data and destroy it completely. That is why the Petya ransomware attack was also dubbed the ‘Wiper Attack’ back in 2016.
How Is It Different From WannaCry Ransomware Attack?
Understanding the WannaCry ransomware attack is simple. Your data gets hijacked, you pay the ransom and your data gets released. That’s it. But when it comes to Petya, things get much worse, because ‘once you go Petya, you never go back’. If your machine gets affected by Petya, you can bid farewell to your data.
Scary, right?! We thought so too. But don’t get all tensed up: if you haven’t yet been affected by the Petya ransomware attack, below are some precautionary measures you can take to keep your machines from being affected by the malware:
Simple Tips To Secure Your Windows Computers From Petya Ransomware Attack:
Back Up Your Data Immediately
If you’re reading this tip on your machine, then cheer up, because you haven’t yet been affected. Now that you have a chance, back up all your data to an external drive or an online cloud backup service. This way, even if your machine somehow gets affected, you don’t have to pay the ransom, as you already have all your precious data backed up.
Download Latest Windows Updates & Patches
Whenever a new vulnerability is found in the Windows operating system, Microsoft releases a patch or an update to counter the attack and close the loophole. Earlier, when the WannaCry malware attacked Windows users, Microsoft immediately released a patch to combat the issue. In the case of the Petya ransomware attack, the probable vulnerability has been found to be ‘EternalBlue’. If you are not automatically prompted to install Windows updates, you can manually download the latest patches and updates from the Microsoft website.
Install Antiviruses & VPNs
Antivirus software and firewalls are your first line of defense against any virus lurking around in the digital hemisphere. They are necessary not only to protect you from the inside, but also to notify you of the latest potential threats to your machine from the online world. They can really act as your knight in shining armor when it comes to protecting you from any malware that’s trying to encrypt your files. So, get yourself an antivirus now and rest assured that your data is bulletproof.
On the flip side, VPNs may not be an effective solution against the Petya ransomware attack, but they can really come in handy when it comes to protecting yourself from hackers and unwanted surveillance, which are among the root causes of the spread of malware. By using a VPN you anonymize your online activities and hide your IP address, so you’re virtually in a hidden tunnel and all your digital footprints are now gibberish and non-understandable. So, opt for a VPN to give yourself an additional protective layer.
Refrain From Clicking Unknown Links & Visiting Suspicious Websites
Most often, you get these fishy links in an email from an unknown sender or from a presumably legitimate company with typos in both its name and the email body. They might ask you to click a link or install certain software to gain some benefit, but it’s actually quite the opposite, as the attacker would be the one benefiting. So, keep a watchful eye out for these signs and refrain from visiting a website that your browser marks as suspicious or that looks shady.
Stay Vigilant When Using Public Wi-Fi
If you’re using public Wi-Fi without a VPN, you’re a sitting duck in a glass house, where your every move can be easily monitored, deciphered and traced. Generally, these public Wi-Fi networks are also set up by the hackers themselves to act as a honeypot, where users connect to get free internet but in return hand over their personal details to the hacker. So, always use a VPN when using public Wi-Fi, as a VPN is the only reliable tool when it comes to protection over unprotected networks.
Wait! Are You Already Affected By The Petya Ransomware Attack?
When the Petya ransomware first infects your computer, it takes a good one hour before it reboots your system. So, when it finally starts to reboot, simply turn off your computer to prevent any files from being encrypted by the malware, and back up all data from the machine.
If you’ve already passed that stage and are receiving a note to pay the ransom, don’t pay it, as the email address mentioned in the note is shut down and no longer available. The only possible solution for you now is to format your hard drive, reinstall a fresh copy of Windows and back up any files you have.
A Quick Tip: Always keep your antivirus updated and make a fresh backup of your data on a weekly or monthly basis.