New ransomware causes global havoc

Security experts suspect ransomware Petya is demanding $300 in Bitcoin.

Tags: F5 NetworksUnited Arab Emirates
  • E-Mail
New ransomware causes global havoc According to research by Talos Intelligence, the attackers are using a variant of the Petya family of ransomware, using EternalBlue, which was seen in WannaCry.
By  Aasha Bodhani Published  June 28, 2017

A new ransomware dubbed Petya has surfaced and is rapidly hijacking systems within businesses and governments on a global scale.

The ransomware attack has surfaced only one month since the notorious WannaCry ransomware which infected computers in over 150 countries. The latest ransomware Petya is believed to lock users out of their own systems, which is then followed by a demand in payment of $300, most likely in Bitcoin form, to released their data.

The ransomware demand seen on screens read: "Your files are no longer accessible because they have been encrypted."

The attack reportedly began with Ukraine's central bank, state telecom and municipal metro, as well as targeting operations at the Chernobyl nuclear power plant, where the malware switched to manual radiation monitoring after its Windows-based sensors were shut down.

Petya has since spread on a global scale with reports stating that Danish shipping company Maersk, British advertising agency WPP, Russian oil company Rosneft and US law firm DLA Piper have all been affected.

According to research by Talos Intelligence, the attackers are using a variant of the Petya family of ransomware, using EternalBlue, which was seen in WannaCry.

However security analysts at Kaspersky Lab said they had traced the infections to "a new ransomware that has not been seen before", dubbing "NotPetya". 

Taj El Khayat, director for the Gulf, Levant & North Africa Region at F5 Networks, said: "While the reported ransom demands of $300 to release the encrypted data seems low, this will scale up very quickly. The more concerning issue is how national infrastructure is being impacted. 

"There is no easy solution to eradicate ransomware, but when the dust settles, the source of the compromises needs to be determined and remediated."

This attack has the potential continue its disruption on a global scale, similar to WannaCry. 

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code