Hot on the heels of randsomware WannaCry, which infected NHS systems, comes Petya, reportedly spreading through the business world after hitting companies like Cadbury and Mondelez. But what are businesses set to lose from these attacks? It helps to go back to basics.
What is Petya?
Petya works by infecting computers by encrypting files that then require a decryption key to unlock, obtained from the hackers via email after a Bitcoin payment. However, it’s thought that the aim of the program isn’t really to extort money – the email address which hackers were using to send the victims their decryption key has been suspended, which means that even after paying money, victims aren’t able to unlock their machines. It also seems to be a more destructive version of other ransomware, purely designed to spread quickly and ruthlessly.
How does it affect businesses?
There are 3 main areas cyber attacks can strike, namely:
Reputation – particularly if clients’ personal data is stolen
Finance – such as through lost sales from customers migrating
Legal – sanctions from regulatory bodies, if proper security was not in place
What can be done about it?
Making sure your computer is running the latest system updates, with appropriate anti-virus protection, and that your files are backed up can help in the event of an attack. Knowing your way around a computer can also be of use: it’s thought some computers with a specific file on the hardrive slowed down the ransomware, and victims are presented with a fake Windows ‘system repair’ message which, if the computer is reset, prevents Petya from encrypting any files (though the computer will still be infected).
As with any cyber crime, it’s important to tackle things quickly in order to minimise fallout – especially when it’s your business on the line.
Image credit: Isaiah van Hunen on Flickr.