Just weeks after the WannaCry ransomware malware hit computers and networks around the world, hackers have struck again. Ransomware infections have been reported in Russia, Ukraine, and the rest of Europe, and are expected to spread around the globe.
Unlike the WannaCry malware, which has been around for awhile and exploited the Windows operating system, the latest outbreak appears to be carried out by a new and more dangerous malware. Sophos Security reports it appears to be similar to the Petya ransomware family.
That particular bug reportedly encrypts Master File Tables (MFT) and overwrites the Master Boot Record for good measure. Adding insult to injury, it leaves behind a ransom note, which is the only thing victims can see because they are unable to boot their machines.
"Because it blocks boot efforts and prevents affected systems from working altogether, it’s considered more dangerous than typical ransomware strains," Sophos writes in its Naked Security blog.
According to Forbes, the early victims of the attack, which began Tuesday, include several large institutions in the Ukraine, including power companies and transportation services. Kaspersky Labs told Bloomberg News that as many as 2,000 targets in North America had been hit.
Various media reports also list the Russian energy company Rosneft and U.S. pharmaceutical giant Merck as early victims, along with Maersk, a large Danish shipping company.
The only way to regain access to computer files, once the malware has taken over a system, is to pay an approximately $300 ransom using Bitcoin.
Protecting your system
Protecting your system to avoid infection, of course, is the preferred course of action. According to Sophos, individuals and companies should patch their Windows operating systems.
If you don't already, back up your files and keep them in a location that is not connected to your computer. If it is an external drive, unplug it from your computer or network when not used to back up files. Cloud storage is also a good alternative.
Be very careful about opening any email attachment, even if it is from someone you know. It's always prudent to email that person to confirm they just sent you something. It goes without saying that any email attachments from someone you don't know should be deleted.
Several security software companies offer either free copies of protective software or free trial versions. Read the reviews and pick one you like and use it.