SymQuest Blog

What You Should Know About the Petya or Petrwrap Ransomware Attack

June 27, 2017 - Important Information

What You Should Know About the Petya or Petrwrap Ransomware Attack
Kevin Davis

Posted by Kevin Davis

SQ_Blog_CyberAlert.jpg

On Tuesday, June 27, 2017 another massive ransomware attack, currently known as Petya or Petrwrap (also referenced as GoldenEye or Not Petya), was launched affecting computers worldwide.

Ransomware attacks typically rely on unsuspecting end users clicking on a link or an attachment which launches a program that encrypts (locks) all of the files a user has access to, including those on a corporate server. The user is then told to pay a ransom in the form of BitCoin to receive a key to unlock the files.

This particular ransomware attack exploits a vulnerability in Microsoft Operating Systems. Microsoft released a patch for this vulnerability in their MS17-010 security bulletin; however, many organizations neglect to apply patches or are still using older, unsupported, versions of Microsoft OS such as Windows XP.

For those organizations that are not covered under our SafetyNet Managed Services (Ultimate) program, here are some simple steps your business can take to protect against ransomware attacks:

  • Apply this Microsoft security patch immediately
  • Make sure you are using supported operating systems and applications 
  • Make sure you apply the latest patches as soon as they become available
  • Make sure that all of your systems are protected by antivirus and anti-malware software, and ensure that the virus and malware signatures are updated automatically and consistently.
  • Employ a “next generation” firewall with integrated threat detection
  • Implement backup procedures that create more frequent “recovery points” to limit the amount of lost data if you need to recover your data from backups.
  • Educate your end users to look for the tell-tale signs of a suspicious email

The last step is the most important. As this is an active attack, variants of the original virus are already circulating to thwart countermeasures already in place. It is imperative that your end user community be ever vigilant in inspecting what they are receiving in email and proceeding with caution.

For more information on this particular ransomware attack visit https://www.us-cert.gov/ncas/current-activity/2017/06/27/Multiple-Petya-Ransomware-Infections-Reported 

To stay up to date on the latest news about network security and vulnerabilities subscribe to Tech Talk today.

network assessment for business

Subscribe to Symquest Tech Talk

Sign up to receive the latest news about innovations in the world of document management, business IT, and printing technology.

Kevin Davis

about the author

Kevin Davis

Kevin oversees SymQuest’s Service teams to ensure the best possible experience for our clients. Kevin works with our network and document clients to help achieve all of their business objectives around uptime, efficiencies, security, business continuity, disaster recovery and all other aspects of their IT and document solution needs.


Find me on