Petya virus hits global systems

Yet another global cyber-attack has been reported today, this time named Petya. The virus is similar in nature to the recent WannaCry attack and is said to be based on the same “Eternal Blue” exploits.

The main “attack vector” of the virus is phishing emails – in plain English: the way it gets into an organisation is when people receive emails that appear to be legitimate, but contain a link or an attachment that is dangerous. The virus encrypts your documents, making them unusable, then requests a ransom to decrypt your documents.

Although mail filtering services will stop many of these emails, the malicious senders formulate their messages in such a legitimate way, that they can bypass such services.

Shipping giant Maersk as well as Mondelez (owner of Cadbury) are amongst the organisations hit by the attack overseas. As of this writing, no New Zealand organisations have reported being affected.

As always, we recommend computer users remain vigilant and think carefully before clicking on a link or opening an attachment in an email.

Some common examples of Phishing emails:

  • Courier company (e.g. DHL, FedEx etc) informing you of a missed delivery with a link to reschedule a delivery
  • Emails from a company (e.g. bank, Facebook, Dropbox etc.) asking you to verify your credentials or immediately settle your bill
  • Utility companies (power, gas, etc) with your bill apparently attached
  • A CV attached to an email for your review

These emails are most effective when you are “primed”. That is, you are actually expecting a delivery or you are a customer of the company referenced.

If you suspect an email is a phishing attempt, please keep the below in mind:

  • Organisations will generally never request you to provide login credentials – especially banks
  • Examine the links in an email to see where they actually lead to (hovering over a link will often show you this). If the link looks suspicious, seek advice from IT
  • Contact the organisation by phone to verify the email’s legitimacy
  • Incorrect spelling or grammar can be an indicator of a malicious sender
  • Check the sender’s email address for inconsistencies. An email apparently from FedEx which is sent by a Gmail account is a red flag

If you need assistance protecting your IT systems, please contact the team at ADC to discuss how we can help your business.