Two of the most notable and most talked-about cyberattacks of 2017 are the “WannaCry” ransomware and the latest “Not-Petya” outbreaks, both of which happened within the past two months. In May 2017, WannaCry ransomware infected hundreds of thousands of computers worldwide, disrupting hospitals, banks, businesses and numerous small and medium-sized enterprises.
Many organizations in Europe and the United States were severely affected by a ransomware attack, later found to be a wiper, called ‘Not Petya’ or ‘GoldenEye Ransomware’, which began spreading on 27th June in Ukraine. The ransomware started spreading when businesses downloaded the latest update to their MEDoc software (a financial-monitoring application commonly used in Ukraine).
Not-Petya ransomware, which many people consider to be among the most sophisticated malware attacks in recent history, infected numerous computers in more than sixty different countries. Victims were required to send their ransom to the same Bitcoin address used by the first Petya ransomware, along with proof of payment, to receive the decryption key.
What was the purpose behind the Petya Ransomware?
As many analysts dug deeper into the issue, they found that the financial aspect seems to be only a distraction. The use of a traceable Bitcoin payment system and a susceptible medium of communication (a regular email address, which was later shut down by the source) indicates that ransom money might not have been the attackers’ primary objective.
“The initial idea of disguising a ransomware is beyond clever, and with all of the turmoil going on at the moment, not many would have suspected this to be a purposeful attack on a nation. It’s an opportunity to learn when it comes to securing the integrity of our nation’s data, and we consider it as disturbing proof, what could happen if we didn’t unfold it.” – According to Zohar Pinhasi, CEO of MonsterCloud
Petya’s primary objective was obviously not to make money. But then, what was it designed to do? Along with the IT fraternity, we believe that Petya was meant as destructive malware disguised as ransomware, so that cybercriminals could target selected organizations – primarily Ukrainian organizations – under the guise of collecting ransom money.
Not Petya’s Consequences
The ransomware is capable of infecting all Windows operating systems. It overwrites the Master Boot Record and, on reboot, infects the computer, blocking access to it. Once it has compromised your computer, Petya demands a ransom of $300 in Bitcoin.
If your computer automatically reboots and you see a ‘false check disk’ message, you should power off immediately!
This message means that the NotPetya encryption process is taking place. If you power off immediately or do not power on at all, your data will remain safe from the encryption process.
If the encryption process continues without interruption, you won’t be able to recover your data from this ransomware!
How to stay protected from Malware
Some simple ways to stay protected from ransomware threats include:
Emails: Never click on an email sent from a suspicious email address. Emails that come with attachments but without any text in the email’s body should be handled with extra caution. Do not let Petya ransomware hunt your hard drive down and lock your valuable data.
Install your updates in time: Both WannaCry and NotPetya exploited vulnerabilities in the Windows operating system to spread across networks. However, Microsoft had released updates months before the attacks began. Unfortunately, the hundreds of thousands of victims who were targeted hadn’t bothered installing them on their computers.
Discard unnecessary features and software: Any extra software for pictures or videos, and any browser extensions that you don’t need, should be discarded or disabled. You might also want to remove software that you installed a long time ago and don’t use anymore.
Back up your files immediately: A good backup plan is always valuable, especially in the event of a malware attack. Local or mapped network drives are never a safe place for your backups, because ransomware Trojans can easily scan and encrypt all of them.
Always keep cloud backups: Storing backups in Google Drive or another cloud storage service is smart, as long as you haven’t mapped it to a local drive or folder.
For Multi Layer Security:
Virtual Private Network
A VPN provides the most advanced level of security to all its users, so they can reach the online world in the most secure way.
A VPN provides you with dedicated IPs, ensuring they are safe for everyday communication. It also encrypts IPs so that hackers will not trace you back.
VPNs have multiple points of presence in different geographic regions that allow users to safely reach any website without risking their online identity.
PureVPN Introduces Advanced Features
PureVPN has introduced a wide array of features that are ready for use at any location and in any environment. With PureVPN’s advanced features, you will be empowered to face any online threats that have the potential to harm your computer system, not limited to viruses but extending to online security and beyond.
Anti Virus & Anti Malware
PureVPN detects and prevents the download of any type of malicious file via all major protocols, including HTTP, SMTP, POP3, IMAP4, and FTP. Unknown and suspected files are immediately sent to a “sandbox” for dynamic virus/malware analysis. Simply put, all incoming and outgoing communications are scanned for malicious content. All such content is stopped at the gateway, and malicious files are not allowed to enter the system. In conclusion, your system is guarded against countless viruses and malware attacks.
IDS/IPS (Intrusion Detection System/Intrusion Prevention System)
Our IDS and IPS block known threats, including exploits, malware, trojans, and spyware, across all ports, regardless of common evasion tactics employed.
Any malicious activity detected will be automatically denied access to the user’s internet connection, decreasing the probability of the threat spreading.
Unpatched software is a dream come true for hackers, since it’s much easier to compromise and exploit. IDPS protects this loophole from being exploited by adding an extra layer of security for users. This protects users from DDoS, malware, spyware, trojans, port scans and other common methods of exploitation.
We have to accept the fact that malware attackers and hackers are coming up with new ways to encrypt the data of normal users and demand ransom in return. The growing demand for online security brings with it new ways of advanced protection. PureVPN has worked to achieve the best cyber security solution for every individual.