The Petya/NotPetya ransomware worm is using multiple techniques to lock down computer networks for ransom in many countries. The virus is initially disguised in a file which is expertly hidden in an email. When the file is opened within Microsoft Office, which happens automatically when the email recipient clicks on a link in the email, it searches for a vulnerability in Microsoft office. As long as your office was correctly updated in April 2017, it won’t find a way into your computer. However, if you are running outdated software or an incomplete Windows update failed to patch the hole; then your computer could be taken down by the ransom wear.
INC Tech is diligent about applying Microsoft patches for our Managed Services Clients (learn more about Managed Services and our initial Complimentary Security Audit), however we urge people to follow an established protocol to protect our clients from any potential harm associated with the Petya ransomware threat:
- Be suspicious of emails you receive from unknown sources and in particular to any attachment or link that is included in the email. The best course of action in this situation is to delete the email. If the email is deemed necessary for business purposes, but you are unsure of the attachment then please forward to firstname.lastname@example.org. The attachment will be reviewed and you will receive a response as to whether the email and contents are legitimate.
- Refrain from forwarding emails from unknown parties to another team member. If you are unsure of the email’s legitimacy either delete it or send to email@example.com
- Make sure to empty your email trash file throughout the day to ensure that suspicious emails in your trash or spam are routinely deleted from your PC.
- When visiting websites, avoid selecting any pop ups that may come up on your browser. This is a known method for infecting technology systems with malware.
- Call us at INC Tech immediately at 310.910.9044 if you believe your PC may be compromised as a result of opening an email, an attachment, or from a website visit.
INC Tech will continue to monitor the Petya ransomware threat and will provide updates as required. Please contact me if you have any questions or require assistance.