Here we go again, another major ransomware attack in Europe and the United States within a couple of months. This one is called Petya and it's been working its way here in the US by using the same exploit of SMBv1 that WannaCry used which rapidly spreads across networks.
Petya which also has been referred to as Petwrap has been bringing computers down at corporations, banks and other companies. How Petya works is that it will reboot the computer and encrypt the hard drive's master file table, which makes the master boot record inoperable restricting access to the system. It will replace the master boot record with it's own code which displays a ransom note and leaves computers unable to boot.
What to do
1) Make sure your operating system is up to date.
2) Remove the unused but vulnerable SMBv1 file sharing protocol from your system. In Windows 10 do the following:
- Open the control Panel (search for it from the start menu)
- Click Programs and Features, and then on the left hand column
- Click Turn Windows Features on or off
- Scroll down to SMB 1.0/CIFS File Sharing Support
- Uncheck it and reboot.
If you need help please feel free to contact us at 516-762-0155.