Just weeks after the WannaCry malware infected more than 230,000 computers in more than 150 countries worldwide, yet another form of ransomware targeted some of the UK’s largest organisations. This malware, given various names including Petya, NotPetya or Golden Eye, blocked computers, preventing users from accessing data, and demanding a ransom to release it.
The infection spread rapidly through computer networks, disrupting many large corporations throughout Europe and the US, such as pharmaceutical company Merck, Danish shipping company Maersk, UK advertising agency WPP and Russian oil giant Rosnoft.
However, much like the WannaCry virus, the payment system used by the hackers was incredibly inept at receiving money, as the bitcoin is easily traceable. Security researcher Nicholas Weaver told cybersecurity blog Krebs on Security that ‘Petya’ was a “deliberate, malicious, destructive attack or perhaps a test disguised as ransomware”. It has been widely speculated that the attack was simply designed to cause disruption and damage rather than financial gain, with possible links to the underlying political tension between the Ukraine and Russia.
Action Fraud, the UK’s national fraud and cyber-crime reporting centre, has released some guidelines on how to protect your devices from possible ransomware attacks.
- Do not click on links or attachments from unsolicited emails or SMS messages.
- Always install the latest updates for your software, as these will often include fixes for critical security vulnerabilities.
- Install anti-virus software on your devices and keep it updated. Ransomware can also be picked up by using disreputable sites such as illegal movie streaming websites.
- Create regular backups of your important files to an external hard drive or memory stick. It is also important that the device you back up to is not left connected to your computer, as a malware infection could spread to that too.
If you think you may be a victim of a ransomware attack or online fraud, report to Action Fraud by calling 0300 123 2040. The NCSC also advises not to pay any ransom demands, as there is no guarantee that access to your files will be restored.
Editorial credit: Tada Images / Shutterstock.com