If WannaCry was Roose Bolton, his new offspring, Petya, is definitely Ramsay

If you don’t watch Game of Thrones, we’re sorry.

We’re sorry for the metaphoric title of this post which will make utterly no sense to you.

We’re sorry that all you’re going to hear about online between now and July 16 is talk of the return of the iconic show.

And we’re sorry that you are missing out on like the best thing ever.

But back to the subject at hand.

Recently, there was a worldwide outbreak of a particularly nasty cyber attack known as “Wannacry”, which we blogged about back on 16 May.

The attack preyed upon a newly-discovered Windows vulnerability which was so bad, Microsoft actually released patches not only for it’s currently supported operating systems, but also even for it’s defunct XP operating system. Microsoft had previously declared it would stop supporting or providing patches for Windows XP from 8 April 2014 onwards, meaning that anyone still using it after this time was essentially going beyond the wall leaving themselves open to any future security vulnerabilities. However as the attack was so nasty, they decided to patch it anyway, despite Windows XP’s retired status.

And now, since the news and effects of Wannacry went viral, his evil, bastard son Petya has shown up to feed a whole new bunch of innocent people’s data to the hounds.

The difference between Petya and Wannacry is that Petya essentially does the same thing, except worse. Not only does it lock down your user files, but it also locks down your computer’s file table and Master Boot Record – meaning you won’t even be able to restart your computer.

While the full details of how Petya is spreading still havn’t been confirmed at time of publishing this article, the ransomware appears to infect Windows computers via a worm, locking access to your files and demanding a bitcoin ransom roughly valued at $300 USD to unlock them again. This is the same amount as the Wannacry ransom was asking for, and paying it isn’t at all guaranteed to get your files back.

While some have suggested Petya is spreading through phishing emails, there is evidence to suggest Petya links back to a piece of mandatory Financial software required to be installed on computers in the Ukraine. From there, it may have spread internally through larger company’s international networks, taking the worm all around the globe. It is then said to spread to Windows computers that join these infected networks.

Whatever the case, protecting yourself against being flayed Petya is fairly simple and requires 3 steps:

  • First, ensure your Windows computer is up to date, or at least has Microsoft’s April 2017 security-patch bundle installed. Supported Windows versions such as 7, 8.1 & 10 will already be protected so long as you have automatic updates enabled – if not, you should run these updates now. If on the other hand you are using an unsupported version such as XP, Vista, 8 or Server 2003, you will need to manually download and install the patch.
  • Second, ensure you are running reputable Antivirus software on your computer, such as BitDefender, Kapersky, McAfee or Symantec/Norton and so on.
  • Before connecting your personal Windows computer to any large corporate/enterprise networks over the coming days, first check in with their IT team to ensure the company is clear of the infection.

A possible fix has also been discovered via Twitter user Amit Serper, with positive responses from various security experts confirming the method. Though unless you are a very experienced user, you may need to seek assistance from an IT professional to help you attempt it.

Get tips & insights
direct to your inbox.

Sign up to our newsletter to get the most from your website hosting with insider tips, tools and guides plus 10% off your first invoice!

Have more questions
on Hosting?

Simply call us on 1300 MY HOST (694 678) during business hours, or submit a ticket through OnePanel and one of the crew will be in touch!

Get in touch