Another ransomware attack was identified Tuesday and is affecting critical infrastructure providers across the globe. The ransomware, called GoldenEye, is a new strain of the Petya ransomware. GoldenEye is especially vicious as it does more than simply encrypt files – it also encrypts hard drives by overwriting the master boot record. This prevents the computer from loading the operating system, rendering it useless. Once a computer is infected, a message on its screen demands a ransom of $300 in Bitcoin to unlock it.
It looks like GoldenEye started in Ukraine, with government organizations, transportation services, a national bank and power companies reporting outages. Since then, the attack has expanded throughout Europe. Multiple American companies have been hit, too. So far, reports have identified more than 12,500 machines affected in at least 65 countries. Larger enterprises and locally-networked companies appear to be the main targets.
Just last month, the WannaCry ransomware attack hit systems across the globe. Though the strain of ransomware used is different, there are a few similarities between these two attacks – both affected multiple countries, demanded a Bitcoin ransom, and exploited the Microsoft Windows vulnerability targeted by the EternalBlue exploit. Perhaps the biggest takeaway, though, is just how common these large-scale attacks are becoming. Two major attacks in two months show that hackers will continue to take advantage of exploits and vulnerabilities as long as there are opportunities to do so.
This latest attack serves as another reminder of the importance of keeping all systems updated. All an attacker needs is one entry point – one computer that hasn’t been updated – and the entire system is vulnerable. Microsoft announced another series of patches to fix the vulnerability used by the EternalBlue exploit earlier this month, including updates for older systems that are no longer supported. Computers that have these patches installed should be safe from the Petya attacks.
Patches and updates are designed to reduce the risk of threats infecting a computer, program, or app. The minor inconvenience of keeping a system updated is well worth being protected from attacks like Petya and WannaCry.