Know all about “Petya” Ransomware menace

Context

India is the nation worst hit by the “Petya” ransomware in the Asia-Pacific region, with operations stalled at Jawaharlal Nehru Port Trust in Mumbai.

Why in the news? (Key highlights)

  • A report by Symantec identified India as the country worst hit by Petya in APAC and the 7th worst hit globally.
  • The government has asked the National Cyber Security Coordinator, Gulshan Rai, to monitor the situation at Jawaharlal Nehru Port Trust (JNPT), where one of three terminals was impacted.
  • P. Moller-Maersk was also hit, affecting multiple sites and business units, including the Gujarat Pipavav Port Limited.
  • Numerous companies have been crippled by the global cyberattack, the second major ransomware crime in two months.

What is a Ransomware?

Ransomware is a form of malicious software intended to block access to, or threaten to erase, the victim’s data until a ransom is paid. Many popular ransomware families prefer to obtain payment through Bitcoin as it is difficult to trace. There are numerous types of ransomware as of today. Crypto-ransomware: This malware encrypts the system’s files…


What is “Petya Ransomware?”

Petya is a family of encrypting ransomware that infects the master boot record and encrypts the NTFS file table, demanding a payment in Bitcoin in order to regain access to the system. The malware specifically targets Microsoft Windows-based systems. Ukraine has emerged as the epicenter of the attack, with 60 per cent of the systems infected, as reported by Kaspersky.


How does the Petya ransomware work?

  • The ransomware takes over computers and demands $300 to be paid in Bitcoin.
  • Once a computer is infected, the malicious software spreads rapidly through the organization using the EternalBlue vulnerability in Microsoft Windows.

Where did it start?

  • The attack appears to have been seeded through a software update mechanism built into an accounting program that companies working with the Ukrainian government need to use, according to the Ukrainian cyber police.

How far has it spread?

  • The “Petya” ransomware has caused serious disruption at large firms in Europe and the US, including the advertising firm WPP, French construction materials company Saint-Gobain, and Russian steel and oil firms Evraz and Rosneft.

Who is behind the attack?

  • Many experts believe that Petya was designed to spread fast and cause as much damage as possible under a plausibly deniable cover of “ransomware”.
  • A security researcher from the cybersecurity blog Krebs on Security stated that “Petya” was a deliberate, malicious, destructive attack, or perhaps a test disguised as ransomware.
  • A pseudonymous security researcher noted that the new Petya is designed not to make money but as a criminal enterprise with the specific intent to hurt victims.

Q&A

  • On account of recent Ransomware outbreaks all over the globe, cyberattacks are the new menace and a global threat. Critically Examine.
