29 June 2017

East Africa: Sophos Warns Internet Users Against Petya Ransomware Outbreak

Petya a new variant of the Petya ransomware family that has affected organizations across Europe.

This ransomware was first discovered in 2016 - it encrypts MFT (Master File Tree) tables and overwrites the MBR (Master Boot Record), dropping a ransom note and leaving victims unable to boot their computer. This new variant is particularly virulent because it uses multiple techniques to spread automatically within a company's network once the first computer is infected.

Petya also attempts to spread internally by breaking admin passwords and infecting other PCs on the network using remote admin tools. It can also spread internally by infecting network shares on other computers.

Ransomware is one of the most widespread and damaging threats that internet users face. Since the infamous CryptoLocker first appeared in 2013, "We've seen a new era of file-encrypting ransomware variants delivered through spam messages and Exploit Kits, extorting money from home users and businesses alike", says Harish Chib, Vice president Middle East and Africa, Sophos

According to Chib, Sophos Endpoint Protection products are protected against this new ransomware variant so their customers have nothing to worry about. He notes that Sophos Intercept X customers were proactively protected with no data encrypted, from the moment this new ransomware variant appeared.

Here are a few steps to avoid such attacks: Ensure systems have the latest patches, including the one in Microsoft MS17-010 bulletin, consider blocking the Microsoft PsExec tool from running on users' computers using Sophos Endpoint Protection, back up regularly and keep a recent backup copy off-site and avoid opening attachments in emails from recipients you don't know.

East Africa

Ethiopia Wins 2017 UN Investment Award

The Ethiopian Investment Commission (EIC) wins the '2017 United Nations Award' for outstanding performance in targeted… Read more »

Copyright © 2017 CIO East Africa. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 900 reports a day from more than 140 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.