Next-Gen Active Directory Monitoring & Management Seminar

Petya really makes me WannaCry

Ransomware is a type of malicious program that can infect your system, encrypt data and demand a ransom payment to decrypt your own data. Recently, WannaCry and Petya made the headlines, affecting hundreds of thousands of systems worldwide. While security analysts dubbed WannaCry as a more primitive ransomware, Petya is way more lethal. 

Petya ransomware restarts your system and before your security solutions such as antivirus and anti-malware start, it encrypts your data. It clears all the event logs generated by your system, making it very difficult for you to get a clear picture of what happened. And like WannaCry, it makes use of the EternalBlue exploit in Windows to quickly spread across your organization's network.  

Petya vaccination was revealed based on a conditional check in its code. This involves creating a file perfc in the Windows folder of your C drive to stop this ransomware application from encrypting your data. 

Another ransomware attack could happen anytime. Learn how you can mitigate ransomware in your enterprise with our best practises guide. 

Learn how you can mitigate ransomware in your enterprise

Download the free PDF

What is WannaCry?

Learn how Log360 helps combat WannaCry and other ransomware.