The summer of 2017 hasn’t been that wonderful. May 2017 witnessed a ransomware attack at a global level. It was WannaCry Ransomware attack which created havoc across the world.This is followed by another attack namely, “Petya”.
Many organisations in Europe, India and US have been infected by the same. But the worst hit nation is Ukraine where many government sites as Ukranian National Bank has fallen victim to this massive attack.
India’s largest container port Jawaharlal Nehru Port (JNPT) has been crippled by this cyber attack. The Indian government has informed that one of the terminals at the JNPT port has been affected by this virus attack.
Danish transport and energy firm Maersk is infected by the malware attack due to which all the Maersk IT systems are down across the multiple sites and business units. Also, according to the Russian energy giant Rosneft’s tweet, it is also facing a “powerful hacker attack”.
What is a ransomware attack?
Ransomware attack is a technique through which hackers hold your computer hostage by encrypting all the data on your device. In exchange for getting free of this attack, they demand a ransom amount which has to be paid within the stipulated time limit. If not, they wipe the data from the device.
What is Petya ransomware attack?’
Petya is a kind of virus, which was spotted by many security firms in the past. It uses a similar loophole found in Windows, which WannaCry had previously used.
What is different than WannaCry?
Petya locks down the Computer’s hard drive as well as the files stored in it. This makes it difficult to recover the data that is infected.
How does it work?
This malware not just encrypts the files on a targeted system but it also encrypts the hard drive’s master file table (MFT). This renders the master boot record (MBR) useless and the system doesn’t boot.
After this, the malware reboots the affected system and displays a fake message. This enables it to secretly encrypt the whole system. It is being learned that the Petya ransomware has actually replaced the system’s MBR with custom malicious code which displays a ransom note. This leaves the device functionless. In exchange for the decryption code, a demand of $300 worth of bitcoins is made by the hacker.
A New Research
A new research claims that Petya is not a ransomware but a wiper. The main aim is to wipe all the data right from the one that is stored on the operating system. The idea behind this attack is not that of financial gains but of massive destruction of data.
Apparently, Petya Cyber Attack has slammed the PC’s and laptops shut across many companies worldwide.
But unfortunately, there’s no solution to this problem except that one needs to have a backup on an external device.