Back in May, the world saw a global ransomware attack on a then-unprecedented scale – WannaCry. This cyber attack affected more than 230,000 computers in more than 150 countries, and is estimated to have cost businesses up to $4 billion. To say that businesses were caught off-guard is an understatement, with the malware utilising vulnerabilities in the long-obsolete Windows Server Message Block (SMB) v1 and through computers with out-of-date Windows security patches. It gets onto a network most often through human error – employees clicking phishing emails – then spreads like wildfire to other machines that are connected to the internet.
This week, however, reports came in from Ukraine and across Europe that a new mass-ransomware attack was underway. Initially theorised to have been a variant of WannaCry, cyber security experts now believe it to be a variant of Petya, a strain first seen in 2016 which was then predicted to be “the next step in ransomware evolution”.