ITNewsAfrica logo



Getting to grips with the Petya virus as fictional scenario becomes global fact


JOHANNESBURG – June 30, 2017 – Picture the scene: in parts of Africa and Europe, office workers are sitting at their computers when the instruction comes into their office mailboxes: ‘As a precautionary measure, turn off your Windows-based computer and do not use wi-fi – the company is under attack globally from a new virus software’. Elsewhere near Mumbai, a terminal at India’s biggest container port is unable to load or unload because of the attack, as the facility can’t identify which shipment belongs to which company. In Kiev where the attack begins, operations are disabled in government systems, private global companies and the Chernobyl nuclear facility. This all sounds like a scene from Tom Cruise’s latest Mission Impossible, filming right now, but instead it is, unfortunately, fact and not fiction.

These scenes – and many more across Europe, Russia, Asia, Africa and North America – unfolded on 27 June as a new ransomware variant attack, the Petya virus, was unleashed globally. Victims were told to pay $300 in cryptocurrency per infected computer to unlock their systems. Anton Jacobsz, managing director at Networks Unlimited, an authorised distributor of Fortinet in Africa, says, “This new ransomware global attack comes just six weeks or so after the WannaCry ransomware crippling of computers in at least 150 countries in mid-May. The strength and reach of these two global ransomware attacks in such a short space of time underscores the seriousness of this kind of cybercriminal activity and the need to guard your organisation.”

Jacobsz says the Petya virus – in just hours – has already impacted on a wide range of industries and organisations, including critical infrastructure such as energy, banking and transportation systems. He clarifies, “This variant is part of a new wave of multi-vector ransomware attacks that Fortinet is calling ‘ransomworm’, which take advantage of timely exploits. The ransomworm is designed to move across multiple systems automatically, rather than stay in one place. It appears that the Petya ransomworm is using similar current vulnerabilities that were exploited during the recent WannaCry attack.

“However, this variant, rather than focusing on a single organisation, uses a broad-brush approach that targets any device it can find that its attached worm is able to exploit. It appears that this attack started with the distribution of an Excel document that uses a known Microsoft Office exploit. Because additional attack vectors were used here, patching alone would have been inadequate to completely stop the attack, which means that patching needs to be combined with good security tools and practices.”

Jacobsz adds that Fortinet customers were protected from all the attack vectors, as they were detected and blocked by Fortinet’s ATP, IPS and NGFW solutions. “In addition, the Fortinet AV team issued a new antivirus signature within a few hours of the discovery to enhance the first line of defence. Further, Fortinet is making available a number of different resources to help customers ride out this new wave of ransomware attack.”

These resources include the following:

  • A blog containing the latest Fortinet commentary.
  • The Petya Centra Content Hub for ongoing industry news and updates.
  • A webinar for customers on Thursday 29 June.

Picture the scene: somewhere in the world, shadowy underground cyber-law enforcement operatives are closing in on even more sinister figures at the centre of a global ransomware hacking ring. But wait… look closer and you will see them in an established crime writer’s imagination: fingers are moving quickly over a laptop keyboard as the novelist pens his latest thriller. Who needs the Cold War for inspiration for works of fiction these days, when ransomware attacks are taking on more global momentum than ever? And who will be the new ‘Ethan Hunt’ capable of stopping them? Watch this space, but meantime, take care to guard your cyber borders, especially when they spread across the globe. Ransomware, unfortunately, is here to stay. And this is a fact. Not fiction.

For more information, please contact Stefan van der Giessen, business unit manager for Fortinet at Networks Unlimited at stefan.vdgiessen@nu.co.za.

About Networks Unlimited
Networks Unlimited is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Arbor Networks, Fortinet, F5, Mellanox, ProLabs, Rackmount, RSA, Rubrik, Silver Peak and Tintri. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, Wi-Fi-, mobile- and networking security, load balancing, data centre in-a-box, and storage for virtual machines.

Since its formation in 1994, Networks Unlimited has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the Sub-Saharan Africa market. Networks Unlimited complies with the South African Broad-Based Black Economic Empowerment (B-BBEE) guidelines as a Level 4 Contributor.

Networks Unlimited, Ingrid Mulaudzi, +27 (0) 11 202 8400, ingrid.mulaudzi@nu.co.za
icomm, Debbie Sielemann, +27 (0) 82 414 4633, debbie@pr.co.za, www.icomm-pr.co.za



