Petya Malware

The next widespread malware outbreak stemming from the sale of the NSA’s Eternal Blue vulnerability has hit a range of large organizations in Europe and elsewhere across the globe.  Ukraine has been hit particularly hard this time with a number of large enterprise and government organizations affected. Speculation about the Malware author’s intentions ranges from simple extortion to targeted data destruction of warring nation-states. The malware modifies the Master Boot Record of infected machines, preventing normal booting into windows. Like Wannacry, files are encrypted and a ransom is demanded to have them restored. Some sources claim that decryption is unlikely even if payment is made, and others speculate that the malware was intentionally written to destroy data and make it look like an accidental side effect of a good old fashioned ransom.

Customers using ContentKeeper’s Secure Internet Gateway are protected from the infection, however, it is still recommended that any Microsoft systems not yet patched for the leaked NSA vulnerabilities are patched immediately. See our blogpost on Wannacry for the details, the advice remains the same. With a plethora of leaked NSA tools freely available for purchase online and millions of unpatched Windows devices still in the wild, this will not be the last such attack we see in the near future. Until these Windows systems are patched, criminals of all abilities and ambitions will continue to use these exploits for nefarious purposes.  To protect yourself and your organization you need to implement multi-layered security infrastructure like ContentKeeper’s Secure Internet Gateway and ensure that all devices are kept up to date with the latest security patches from their respective manufacturers.

ContentKeeper’s Secure Internet Gateway provides Malware protection with:

  • Malicious URL filtering.

  • Signature scanning from market leading AV vendors Kaspersky and Bitdefender.

  • Zero-day protection with Behavioral Analysis and Cloud Sandboxing.

  • Threat Isolation.

  • Geo-Fencing and much more.

For more than 20 years, ContentKeeper has delivered comprehensive, accessible web security solutions for global enterprises, educational institutions and government agencies. We enable our customers to protect their networks, users and data from cyber threats while embracing mobile technology, Internet of Things (IoT) and cloud-based services.

About the author: David Wigley Co-Founded ContentKeeper Technologies in 1997 and serves as its Chief Executive Officer. David has many years of experience in software engineering, sales and management within the Computer Security Industry.