By Drew M. Smith
The new outbreak was caused by a modification on an older bug, called Petya. It started in the Ukraine and quickly spread throughout Europe and North America. The virus is using the same exploit on Windows programs that was supposed to be patched out. Due to costs and other factors, many companies did not take the warning from the previous hack and as a result were breached.
This time however, the virus had another trick up its sleeve. The ransomware had similar characteristics to a computer worm called Goldeneye. This worm allows for quick spread once the virus entered a computer. This spread would infect other computers in the same system or network. It locks down the computers and hold it for a bitcoin ransom. The fact there hasn’t been a workaround for the lock down yet means companies are essentially shut down.
The low ransom cost for unlocking the computers is unusual. Some analysts believe it wasn’t looking for money, rather "There is mounting evidence that the #GoldenEye/#Petya ransomware campaign might not have targeted financial gains but rather data destruction," said Bogdan Botezatu, senior e-threat analyst at Bitdefender.1 Citing a lack of the usual parameters for this type of attack, such as an easy payment system and an unusually long decryption key, the new attack seems to be more about chaos than robbery. As a result, most of the victims have been those with large employees.
Once again, the large scale of outbreak was caused by legacy systems and reluctance to update a system to incorporate the new patches. You need to keep updating your software when prompted, regardless if your computer is old or new. Do not open unfamiliar emails as they can easily let in the ransomware. These recent attacks should continue to serve as wake up calls that everyone is vulnerable to an attack.