Ransomware is a type of malicious program that can infect your system, encrypt data and demand a ransom payment to decrypt your own data. Recently, WannaCry and Petya made the headlines, affecting hundreds of thousands of systems worldwide. While security analysts dubbed WannaCry as a more primitive ransomware, Petya is way more lethal.
Petya ransomware restarts your system and before your security solutions such as antivirus and anti-malware start, it encrypts your data. It clears all the event logs generated by your system, making it very difficult for you to get a clear picture of what happened. And like WannaCry, it makes use of the EternalBlue exploit in Windows to quickly spread across your organization's network.
A Petya vaccination was revealed based on a conditional check in its code. This involves creating a file perfc in the Windows folder of your C drive to stop this ransomware application from encrypting your data.
Another ransomware attack could happen anytime. Learn how you can mitigate ransomware in your enterprise with our best practises guide.