As if we haven’t had enough headline grabbing cyber-attacks to shift this risk from ‘emerging’ to ‘prominent’, this morning Australia woke up to another worldwide ransomware assault, not dissimilar to last month’s WannaCry attack.
According to ABC News, the ransomware, known as the Petya virus, has taken out servers at Russia’s biggest oil company, disrupted operations at Ukrainian banks, and shut down computers at multinational shipping and advertising firms.
BBC News reports that the Chernobyl nuclear power plant has also had to monitor radiation levels manually after its Windows-based sensors were shut down. The Russian anti-virus firm Kaspersky Lab said its analysis showed that there have been about 2,000 attacks.
Attack hits home
Closer to home, Australian staff at DLA Piper were advised via text that all IT systems have been taken down to contain the situation, and were warned not to attempt to log in to their computers or turn them on – noting that it’s unlikely their IT systems will be fully restored today.
Parent company Mondelez warned Australian workers at Hobart’s Cadbury factory after its international network experienced a ‘global IT outage’, according to The New Daily.
The official Mondelez Twitter account notes the outage and links to a brief statement that the business is “working offline in an effort to maintain business continuity with our customers and consumers around the world … At this time, we do not know when our systems will be restored but we appreciate everyone’s patience, understanding and partnership during this process”.
Our network is currently experiencing an IT outage. We’re working to resolve the situation ASAP. https://t.co/hAvAexPeBi
— Mondelēz Intl (@MDLZ) June 27, 2017
What does Petya look like?
According to Symantec’s official blog, Petya has been in existence since 2016. It differs from typical ransomware as it doesn’t just encrypt files, it also overwrites and encrypts the master boot record.
In this latest attack, a ransom note is displayed on infected machines, demanding that $300 in bitcoins be paid to recover files.
What can you do about it?
While Petya may be “the scariest computer virus yet for Microsoft Windows users”, Monica Torres and Heidi N. Moore of Ladders say that enhanced precautions and security may help prevent an attack.
Ukraine’s interior minister adviser told Reuters that the Petya virus got into computer systems through phishing emails that were written to trick employees into opening them.
Do not click on links or attachments or download files from suspicious senders. Don’t use public Wi-Fi for business, and be wary of shortened links.
To prevent attacks like Petya in general, employees should have their automatic software updates on, and should avoid using outdated operating systems.
And for any clients that you’re speaking to during this busy renewal period – a direct conversation about cyber insurance wouldn’t go astray.