First published at 9.30am
A new ransomware campaign known as Petya is affecting computer networks using Microsoft Windows. It was first seen affecting systems in the Ukraine, but is quickly spreading across other computer networks in Europe.
To help prevent an attack, it’s critical to ensure that all systems in a network are patched. Petya gets into unpatched versions of Windows systems (XP through 2008 R2) by exploiting a vulnerability in Microsoft's Windows SMB server. If Petya enters a network through an unpatched system, it will be able to spread to any other trusted systems in the same network, even if they have been patched.
This vulnerability exploited by Petya is known as EternalBlue. Microsoft released a patch for EternalBlue, called MS17-010, in March this year.
The ransomware encrypts not only the file system on affected computers but also the Master Boot Record (MBR) in environments where the malware is able to do so.
Please click here for more information.