Global Ransomware attack update – NotPetya

by

We are aware of a RansomWare outbreak which has been taking place and have been carefully monitoring the situation.

It was thought that it was based on Petya, an earlier version of the Ransomware, but has been named “NotPetya” due to significant differences. Aside of the standard process of encrypting documents it is also understood to have a payload which steals usernames and passwords from the infected computer. It then attempts to spread itself through email and windows shares exploiting an unpatched vulnerabilities.

The precise affected versions of Windows isn’t yet known, but we’re told Windows 10’s Credentials Guard spots NotPetya’s password extraction from memory.

We advise clients to remain vigilant at all times and not to open suspicious email attachments and websites.

As we know more we will keep you posted.

Share

Rob has worked in the IT industry for over 20 years. Having ran a ISP back in the late 90's gave him experience of early internet services and the progression to where they are today. Today he focuses on delivering cost effective IT services to clients without the need for technical jargon. Outside of work, he can often be found cycling around Derbyshire or spending time with his family.