Ransomware outbreak spreads globally affecting 2,000 organisations

A ransomware attack has affected at least 2,000 organisations globally on Tuesday. The ransomware dubbed ‘NotPetya’ hit Ukraine first crippling airports, banks and even government systems and has now spread to Western Europe, Russia, Australia and the US.

The ransomware is said to not have been designed to make money but instead to spread very quickly and cause damage, however the software demands payment of $300 in Bitcoins to restore the user’s files and settings.

The malicious software has affected at least 2,000 organisations across the globe including some businesses in the UK. The ransomware has spread through a number of large firms including Danish shipping and transport firm Maersk, Mondelez Food Company and advertiser WPP, as well as the Chernobyl radiation detection systems, US hospitals and even a chocolate factory in Australia…

The ransomware employs multiple infection strategies, including a modified version of the EternalBlue exploit which was the primary way the recent WannaCry virus spread. This was patched by Microsoft in March, which suggests that many are yet to update their Windows systems.

NotPetya enters unpatched Windows systems using hacking tool EternalBlue, then steals passwords to get access over the entire network. Then it begins spreading itself as a forced update to all machines on the network.

How to protect yourself?

Almost all antivirus software’s now claim that their software has been updated to detect and protect against the ransomware so it’s crucial you update all your antivirus software.

Additionally, you should update your Windows software to defend against the EternalBlue vulnerability.

And as always you should ensure you don’t open any unrecognised/suspicious files or attachments.