Man types on computer keyboard in this illustration picture
Man types on computer keyboard in this illustration picture

'Petya' cyber attack worse than WannaCry hack that crippled NHS, says expert

'Exactly the type of follow-up attack that everyone really feared'

Aatif Sulleyman
Tuesday 27 June 2017 17:33
comments

The ‘Petya’ cyber attack currently spreading around the world could be “bigger” than WannaCry, a cyber security expert says.

The ransomware initially hit Ukraine, but the WPP has confirmed that several of its companies have also been affected by it.

Naturally, comparisons are being made with WannaCry, the ransomware that so badly affected the NHS in May, but some believe Petya could be worse.

“This new Petya ransomware variant is like WannaCry without the kill switch, spreading automatically from computer to computer by itself and locking files,” Steve Malone, the director of security product management at Mimecast, told the Independent.

“Some believe WannaCry was an experiment that escaped early. The easily detectable kill switch and relatively low build quality suggested it was not written by elegant coders.

“This new Petya variant is exactly the type of follow-up attack that everyone really feared; bigger and better.”

Petya is a known strain of ransomware, but a new version called Petrwrap is designed to be tougher for victims to protect themselves against.

Like WannaCry, it’s believed to be making use of the EternalBlue exploit that was stolen from the National Security Agency.

Microsoft has patched the issue, which took advantage of a vulnerability in Windows, but users who haven’t downloaded the fix can still be hit.

“A cyber resilience strategy that acknowledges that attacks are likely to continue and will sometimes be successful is required. Defence-in-depth security and continuity plans are needed to keep critical services running every time they are attacked,” said Mr Malone.

“Office workers at UK firms have been sent home as IT staff have turned computers off and blocked emails from arriving in fear. All UK organisations must review their cyber resilience strategy in earnest.”

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments