Cybersecurity Insight

File Retrieval Solution for Petya Ransomware Victims

13 Apr

If readers have heard about Petya, the newest in a slew of recent ransomware attacks, hopefully it’s been through a blog like this. The newest “IT” malware attack to hit the scene, Petya is hidden within documents attached to emails that purportedly come from someone interested in obtaining work. Until recently, it seemed that those affected would have to deal with the attack outcome by paying the ransom (the equivalent of $375 US) or recreating their networks and data from scratch. However, new discoveries were made by a white knight that solved the puzzle of this particular attack for the time being.

This user, known only as Leostone, cracked the code delivering the encryption key to Petya without having to pay the ransom, but also released a web-based tool for others to free their data from its grasp. In regards to Petya, this attack was particularly annoying because it would encrypt files and scramble the master boot record (the sector of an inserted disc that identifies where the operating system is located so the program in question can be loaded into the computer’s main storage) on the infected drives. There is a second step with the aptly-named Petya Sector Extractor: basically it does what the name implies and manages to extract some of the infected data so that you can plug it back into a clean computer and input the code found through Leostone’s solution.

All of this, for those that aren’t as well-versed in ransomware attack survival techniques, can be rather daunting and almost impossible. However, it just speaks to the bigger issue at hand, and it’s a mantra repeated time and time again at Neovera and other firms across the country: back up data. Small businesses, large enterprises, everyone in between – if data is backed up in a timely and succinct fashion, ransomware attacks become obsolete and worthless to hackers because they won’t have anything to bargain with. Now, though the steps outlined above may be off-putting, a cyber security consultation is a great first step to providing the small amount of coverage needed to save your organization a lot of pain in the long run.