Yesterday, I talked about a dangerous ransomware. The attack hit around the world, but hit Russia and Ukraine really hard. However, don’t think it’s over. I don’t believe it is. The Patya ransomware attack: What we know.
So first of all, we know the name of the attack. They call it Patya. There was some confusion about that when I reported it 24 hours ago. There are similarities to the WannaCry of May 2017 attack. But here is what makes Patya so dangerous: it cultivates. For example, it uses several methods to spread to several computers all at once. So this thing has no limits, no boundaries.
And remember our young, British hero who virtually stopped Wannacry? Well, so far, we have no such hero for Patya. There is no kill switch, not yet. However, some are working on a ‘vaccine’ to put this ransomware down. According to Ukranian authorities, ME-Doc software played a role in the launch. We still don’t know the motive. Many in the cyber crime-fighting community doubt this was just another money making scheme. Some think this was just to hurt Ukraine. But if that’s true, then it didn’t just hurt Ukraine. We also learn a Patya hit a US nuclear power plant. Patya also hit a US pharmacy firm and a French construction company.
So what are we going to do about it? At our Boston computer service shop, we haven’t seen the Patya ransomware attack yet. I hope we never do. But I’ve heard about this file called Perfc. When certain malware meets that file, Perfc tricks the virus and stops the encryption. That works with malware, but I don’t know it that will work with Petya. We can only hope. I understand some people and some institutions are still running Windows XP, and other defunct software. If that’s you, then stop! That’s an easy target. And if you do get eaten up, there’s nothing Microsoft can do about it. But what else can we do?