REGISTER MY ACCOUNT
Trending Topics
Next gen leadership for today‘s police supervisors (3).png
Next-Gen Leadership: Cultivating a mindset that empowers innovation
Screenshot 2024-04-16 100632.jpg
Ind. deputy dies after coming into contact with power lines while responding to crash
hqdefault.jpg
BWC video: Suspect brandishes gun, chases Mich. officers before fatal OIS
america crime
Improving officer safety with the FBI’s NCIC Violent Person File
Obit OJ Simpson
Domestic violence investigations: The lessons learned from Nicole Brown Simpson’s death
hqdefault.jpg
Video: Fla. deputy’s shoulder mic blocks bullet, saving his life, sheriff’s office says
poster.jpg
Essential safety tactics for the four primary phases of a traffic stop
3c171e11-29f7-4915-b61d-a4c98c22.jpg
BWC video: Suspect ambushes Nev. officers multiple times before fatal OIS
hqdefault.jpg
New Fla. bills limit civilian review boards, restrict bystanders from getting too close to officers
US-NEWS-SYRACUSE-POLICE-OFFICER-AND-DEPUTY-1-SMG.jpg
N.Y. police officer, deputy killed in shootout

6 immediate actions before Petya ransomware strikes

Even if your organization has patched against Eternal Blue, Petya ransomware can still spread

June 29, 2017 12:19 PM

By Andrea Fox, Gov1 Editor-in-Chief

A new strain of Petya ransomware, like the global WannaCry ransomware strike in May that affected Cook County, Ill., is using an EternalBlue exploit to spread, according to Symantec. Even if your organization has patched against it, the virus can still spread.

“Recent ransomware campaigns like WannaCry and Petya have shown the world that there is no substitute for mature multi-layered security solutions and practices. Attacks impacting one’s personal or business information occur without warning and often cause irreversible damage,” said Vikram Thakur, Symantec Security Response technical director.

Petya ransomware, aka Golden Eye, has struck more than 65 nations, according to National Public Radio. The ransom is a $300 bitcoin payment to retrieve stolen data. The highest number of targets are affecting the Ukraine.

The executable worm schedules a reboot, providing time to allow for it to spread to other computers in a network before an individual computer’s user-mode encryption occurs. The Petya ransomware overwrites and encrypts master boot records.

Once the program completes file encryption on an individual computer, the following message appears:

2017-06-image_ransom_request.png

Thakur prepared the following list of actions to help Gov1 readers prevent Petya ransomware and similar attacks, before they happen:

  1. Use mature end to end integrated security solutions
  2. Update operating systems and applications as frequently as the business allows
  3. Segregate organizational networks based on business functions
  4. Employ the principle of least privilege by allowing users access only to the information and resources that are necessary for legitimate business purposes
  5. Backup information considered critical to business continuity including offsite or offline methods (cloud services or media which is not persistently connected)
  6. Conduct periodical tests to ensure functionality and integrity of backed up data

Most cybersecurity officials advise against paying. The Petya bitcoin account had already received more than $10,000 by the time of NPR released its report.

Access the original NPR coverage.

Get individual Windows computer Petya ransomware protection tips on the USA Today website.

Command Staff - Chiefs / Sheriffs Cyber security Officer Safety Ransomware
RECOMMENDED FOR YOU