Following reports of a global ransomware attack – Petya – that has so far affected major organisations in Ukraine, Russia, Denmark, France, the UK, the US, Spain and the Netherlands, Vectra Networks has pulled together a visual representation (also attached) of the spread.
Chris Morales, Head of Security Analytics at Vectra Networks:
“Any security vendor saying they could completely protect an enterprise from this form of attack isn’t being honest, because the attacker just needs to succeed once and the attack surface is too large. By adding worm-like spreading to PetWrap, the attacker has created a pyramid scheme that encrypts the boot record of the computer, not just the files, which makes this attack far more fatal. By the time you find one infected machine, you can assume dozens more have been infected, turning this into a light-speed game of whack-a-mole from a security perspective. The NSA designed these tools to specifically bypass existing security solutions, so it’s no surprise that the industry will be playing catch up for the next several months.”