The PetyaWrap ransomware has affected over 12,000 computers worldwide, earning the nickname WannaCry 2.0. The PetyaWrap virus works very similarly to WannaCry, targeting computers running unpatched or unsupported versions of Windows. Once the virus infects a computer, it encrypts all the files and data on that computer, holding it ransom.
What steps should your company take to avoid the latest ransomware threat?
How the Ransomware Spreads
PetyaWrap is what is called a computer worm, meaning it can spread on its own. The virus spreads through local computer networks by automatically copying itself to other computers in your network. Unlike WannaCry, PetyaWrap does not wait for the victim to open an email or attachment – it travels by itself.
Making sure your business computer network is up-to-date and secure is the only way to protect against a PetyaWrap attack.
What to Do if You Have Been Hacked
Sometimes even our best prevention efforts fail, and we must turn to plan B. If you are a victim of the PetyaWrap attack, follow these steps to restore your files:
- Don't pay the ransom. As with all ransomware, paying the attackers only encourages more scamming, and you probably will not receive your files back. The email address for ransoms has already been suspended, so it is not likely you would be able to contact them anyway.
- Restore your backed up files. A backup is the best way you will be able to retrieve your lost files.
- Download a program to clean the virus from your computer. This will not be able to decrypt your files, but it will prevent the virus from spreading.
How to Prevent Attacks
The best way to keep your computer safe is prevention. Follow these tips to stop hacking before it's too late:
- Run the most current versions of Windows or any other operating system. If you do use an old OS, do not go online with that computer.
- Check the passwords on all domain and network administrator accounts. How long has it been since you have changed your passwords? Changing your password at least every six months will help your network stay secure. Use uppercase, symbols, and numbers to write stronger passwords.
- Review staff administrator privileges on domains and networks. The more people who have administrator accounts on your network, the faster PetyaWrap can spread. Only grant admin access when necessary and for a limited amount of time.
- Make sure your email filtering and anti-malware software is up to date.
- Train employees to spot dangerous emails. Even though we do not have evidence of PetyaWrap spreading through email, having a good system for evaluating emails is one of the best ways to avoid all types of viruses.
- Back up important files on a completely separate system so you can restore them if your information is taken for ransom. This is the best way to protect yourself from ransomware viruses.