The latest ransomware attack, named “Petya”, that hit countries’ computer systems on Tuesday night shows that large-scale international cyberattacks are set to be an increasing feature of the digital world.
The Petya virus is very similar to the WannaCry virus that infected computer systems in over 150 countries in May. There are some key steps computer users should take to protect their files and computer against these ransomware-style attacks, and similar cyber viruses.
What computers are affected by the cyberattack?
The WannaCry and Petya cyber viruses both target Windows computer systems. The two cyber scams operate by attacking the same vulnerability, which is called the EternalBlue vulnerability. This is essentially a hole in the Windows computer system’s defence, which ransomware viruses have exploited to gain access to the computer, lock down the files, and then demand a payment from the user to have their computer unlocked.
How can I protect my computer from the ransomware virus?
In March 2017, Microsoft released an update or "patch" that would protect users with Windows 7, 8, 8.1 and 10 systems from these ransomware attacks. This essentially plugs the existing gap or EternalBlue vulnerability in Windows systems.
The security patch, titled "MS17-010" can be found here.
The Petya attack is similar to the global WannaCry ransomware attack, which suggests the same weakness in Windows systems will be targeted again in future. Computer users who have not downloaded the Microsoft emergency patch should do so as soon as possible.
As hackers continually find weaknesses in software, companies like Microsoft release patches to keep pace and help computer users have the most up to date protection. The operating system is essentially the software or engine running your computer, such as Windows 10, or Mac OS Sierra for Apple computers.
The older your computer system the longer hackers will have had time to try to find weaknesses in it, and the more vulnerable it will be. The main advice for computer users would be to keep your computer system updated with the latest security patches as they are released.
Computer users should also routinely back up their files, so if they are hit by a cyber attack there will be a copy of their files.
A simple step-by-step guide on how to back up your files for Windows users can be found here.
Does it only target Windows XP systems?
The computers mainly affected by the WannaCry ransomware virus last month were Windows XP computers. This week’s Petya ransomware virus also targeted Windows XP systems.
The Windows XP operating system was released in 2001 and was one of the most common operating systems throughout the 2000s. In 2014 Microsoft stopped supporting the operating system, meaning it was not releasing any further security upgrades for the XP.
So Windows XP is more exposed to new methods of hacking and is more vulnerable as it is no longer supported or reinforced against new cyber attacks.
The main way current Windows XP computer users can ensure they are protected against cyber attacks or viruses is to upgrade and purchase a more recent operating system. Moving from Windows XP to a more recent system that is still supported by Microsoft should help secure your computer.
The most current Windows operating system you can buy is Windows 10, followed by two slightly older versions, Windows 8.1 and Windows 7.
Other new computer systems are still vulnerable to the cyberattacks, particularly if they do not have the latest security patches downloaded.
What’s different about this Petya cyberattack?
The latest cyberattack targets the same vulnerability in Windows computers, and has a similar goal to shut down your computer and try to extort a ransom to unlock it for you.
This new attack demands $300 (€265) paid in Bitcoin – an untraceable online currency – to release your files or your computer after the virus shuts it down. The Petya virus has some differences, and seems to be less criminally orchestrated than the previous WannaCry virus attack.
It instructs computer users to send an email confirming they have paid the ransom to an email address, and then their files will be released. The server which hosts the email address used in this week’s attack was able to shut the address down quickly on Tuesday night.
Computer users affected by the cyberattack are advised not to pay the $300 ransom. Since the email account has been shut down there is no way to communicate with the hacker to confirm you have paid, and have your computer unlocked.
If the ransomware has infected and shut down your entire PC, you may have to download specific safety software on to a non-infected computer and then try to transfer it over to the affected computer with a CD rom or USB stick.
Detailed instructions on how to try and troubleshoot or shut down the virus if your computer has been infected can be found here.
Ransomware is spread through hidden viruses linked in word documents and PDF files sent over email. Europol, the EU law enforcement agency, have advised people to be wary of clicking on links or downloading attachments sent in any emails from senders they do not recognise.