Wannacry Outdone As Petya Strikes Aussie Targets
Petya has arrived with a vengeance and renewed strength, with thousands of unprepared Australian organisations and individuals’ computer systems reported under attack by late yesterday.
The Wannacry-like ransomware is on the attack. Only this time researchers say Petya, also called Goldeneye, hasn’t made the same mistakes that the Wannacry hackers made.
That means it won’t be as easy to stop, especially for companies and organisations that for some insane reason haven’t strengthened their defences against such an attack.
And there are plenty that haven’t, including the giant shipping line Maersk which transports one out of every seven containers in the world; Russia’s main oil company; Ukrainian banks – and the list goes on.
Once inside the network, the ransomware steals administrative credentials, giving it control over powerful system management tools like Windows PsExec and Windows Management Instrumentation.
A researcher at security firm Bitdefender said the quality of the ransomware code improves from iteration to iteration. The Petya ransomware seemed “pretty solid” and there is no sign of a kill switch like the one that was Wannacry’s downfall, he said.
One Australian outfit hit early yesterday was Tasmanian-based chocolate maker Cadbury – see following story. Another Hobart-based operation – that of Spanish food giant Mondelez – saw 500 workers placed on cleaning duties following a Petya-related computer outage.
By late afternoon, the huge logistics outfit TNT Express was among those under attack. Thousands of other Australian and NZ systems were also affected, Symantec Australia’s cyber security manager Nick Savvides told CDN.
He said that about three-fifths of Petya attacks seemed aimed at corporate systems, two-fifths at individual users.
Attacks at this stage have been confined to Windows systems: Macintosh users have so far been unaffected, Savvides said.
But he was adamant that all computer users should be backing up their systems, applying protection software like Symantec’s Endpoint and, in the case of organisations, ensuring that all staff – especially including factory workers as well as office staff – are trained in how to apply protection.