WannaCry was discovered in mid-May of this year, and the powerful ransomware sample wasted no time making a name for itself. Hackers took full advantage of the new ransomware threat, and just three days after it emerged, WannaCry had already been used to spur attacks in more than 150 countries, according to The Verge.
WannaCry spread like wildfire, capturing headlines across the globe. Now, a new ransomware threat is seeking to take WannaCry’s crown. This newest malware has been dubbed Petrwrap or Petya, and it appears to be piggy-backing off the wave created by its predecessor.
While many ransomware infections are similar - utilizing encryption to block access to important files while demanding a ransom be paid in untraceable Bitcoin for decryption - each sample family leverages unique strategies to exploit weaknesses and enable a successful attack. Security analysts studying the threat found that Petya operated in a way that was very reminiscent of WannaCry, according to Independent contributor Lizzie Dearden.
Even more worrisome was the fact that some of Petya’s first targets were considerably high-profile. Petya was leveraged to launch several attacks, including on a national bank in Ukraine, a state power provider and the country’s biggest airport travel hub. Dearden reported these instances were waves of a larger cyberattack impacting Ukraine’s entire government infrastructure.
Over the course of the attack, victims reported they were unable to access computers they used for sensitive government or company information. Among the victims was Deputy Prime Minister Rozenko Pavlo, who shared an image of the ransomware notification screen that was displayed on every government computer. The message noted that a disk contained an error in need of repair, that the process would take several hours, and that users should not turn off the affected computer. Other infected computers displayed a message demanding a $300 Bitcoin ransom, claiming the ransom would restore access to encrypted files.
As the Petya attack continued in Ukraine, several other victims came forward to report their experiences:
There’s no arguing the Petya attack in Ukraine was one of the largest-scale global attacks within recent memory. It is also just one in a recent rash of attacks impacting important systems and organizations across the world.
In this type of environment, the best strategy is for governments and organizations to unify and defend against global attacks of this kind.
“We must work collectively, not just with two or three Western countries, but on a global scale,” said Guillaume Poupard, National Cybersecurity Agency of France director general.
As agencies look to participate in more collaborative efforts against cybercrime, forensic data analytics could hold the key. To find out more, contact us today.