A ransomware attack that has been referred to as Petya (though it is technically a different malicious attack and is being called NotPetya by security researchers) began spreading to computer systems around the world Tuesday, hitting government systems in Ukraine and corporate networks in Russia, Britain, Denmark and the United States, among others.
The attack makes use of the same exploit that led to the spread of the WannaCry ransomware earlier this year — an attack that resulted in the infection of hundreds of thousands of computer systems in more than 150 countries. Luckily, there are ways to protect against these types of attacks to ensure against becoming a victim.
Petya — or NotPetya, as Kaspersky Lab has labeled the attack after discovering it is not the same strain of the Petya ransomware but rather an entirely new one that used Petya as its framework — makes use of the EternalBlue and EternalRomance exploits in Windows operating systems, both first discovered by the U.S. National Security Agency.
Those vulnerabilities were stolen from the NSA by a hacking group known as the Shadow Brokers, but the NSA disclosed the method of attack to Microsoft. Microsoft released a patch for the vulnerability in March for current operating systems and issued an emergency patch for the exploit on outdated machines in May as WannaCry began spreading.
“Keeping systems up to date, good cyberhygiene, would have worked” to prevent the spread of this attack, McAfee chief scientist Raj Samani told International Business Times.
Data provided to IBT by cybersecurity firm Avast showed there are at least 38 million PCs worldwide that have not yet patched their systems with the security update that would stop the spread of attacks like WannaCry and Petya. That figure comes from the company’s Wi-Fi Inspector service, and the number of computers that are at risk is likely higher, potentially…