'Petya' cyber attack: What is this ransomware and is it more dangerous than WannaCry?
Systems are shutting themselves down and workers are being told to leave their desks
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A virus is spreading rapidly across the world, shutting down some of the world's biggest companies with apparently no way of stopping it.
It would be shocking if it didn't sound so much like the last crippling attack on the internet – Wannacry, which took down the NHS as well as a range of other huge companies just a couple of months ago.
And the two appear to have come from the same family. That will come as an extra to worry to IT professionals – in part because the disastrous effects of Wannacry were supposed to have been patched and fixed, and in part because when the virus originally spread it was only stopped by a stroke of luck.
This time around it seems to be a strain of malware known as Petya, which has been re-engineered into a specific version called Petrwrap. That malware is well-known – it has been written about at length by IT professionals, even before the rise of Wannacry – but many antiviruses and patches are still not able to defend against it.
Likewise, some cyber security firms including Symantec have said that the hack makes use of the EternalBlue exploit – the exact thing that let Wannacry manage to worm itself into people's computers. That has been patched by Microsoft – it takes advantage of a vulnerability in part of Windows – but that patch must be applied by the owners of devices, which often aren't updated and sometimes can't be.
Petrwrap is ransomware, and is presenting itself as such to those people who are infected: when a computer or system goes down, it shows a screen telling people to pay a bitcoin ransom if they want to get their files back. As The Independent wrote in its guide to ransomware the first time around, this sort of malicious software exists primarily if not solely to make money – even if it mostly does a bad job of it, since most people have backups and don't pay.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments