ransomware

SortaPeyta ransomware explained and we have a solution


The new cyber threat

A new global cyber-attack has hit with a similar reach to the previous WannaCry ransomware attack that infected more than 300,000 computers around the world last month.Radius-IT-Telcoms_cloud_security_ virus keyboard keyboard symbols computer closeup technology 2560x1600 1

In the first hours of the attack, researchers believed that this new ransomware was a new version of an older threat called Petya, but they later discovered that this was a new strain altogether, which borrowed some code from Petya, hence the reason why they recently started it calling it NotPetya, Petna, or as we like to call it SortaPetya.

 

Why this Ransomware is difficult to stop

When a computer is infected, the ransomware encrypts important documents and files and then demands a ransom, typically in Bitcoin, for a digital key needed to unlock the files. If victims don’t have a recent back-up of the files they must either pay the ransom or face losing all their files. We would advise never to pay the ransom.

Unfortunately, unlike WannaCry, there is no kill switch. However, researchers have found a vaccine which prevents the ransomware virus from running. SortaPetya searches for a local file and exits its encryption routine if that file already exists on the disk, so users can create a file on their computers, set it as read only which blocks the NotPetya ransomware from executing.

How to protect your organisation

For extra security, Radius Technologies would advise the following:

  1. Vaccinate your Windows device NOW – see instructions below
  2. Bring all Microsoft vunerability patches fully up to date on your machines
  3. Send an email (or forward this email) to every user in your organisation to let them know NOT to click ANY links within an email or open an email with encrypted content until first cleared by yourselves. For information on services such as BlockMail, please contact the radius sales team.
  4. Ensure that you have Blended Threats in place and fully active across your organisations mail boxes. Again, contact Radius for more information on this.
  5. Discuss with the Radius tech team about putting a rule in place to block encrypted attachments.

 

NB: Below is a way to ‘vaccinate’ your Windows based PCs/Laptops and other devices – simply follow the instructions for your browser of choice and you can vaccinate against this current threat in a matter of less than a minute.

Instructions for running the Petya patch for Google Chrome (Sections below refer to Internet Explorer, Edge and Mozilla Firefox

1)      Copy and paste the following link into your browser to download the batch file https://download.bleepingcomputer.com/bats/nopetyavac.bat

2)      In the bottom left you will see the notice below..  Click Keep

Radius-IT-Telcoms_cloud_security_ 1

 

 

3)      You will now see the file in the bottom left corner click the arrow to the right of the file then click show in folder

Radius-IT-Telcoms_cloud_security_ 2

 

 

 

 

 

4)      You will now see the file in your downloads folder, right click the nopetyavac.bat and then left click run as administrator

Radius-IT-Telcoms_cloud_security_ 3

 

 

 

 

 

 

 

 

5)      A windows User account control will pop up click Yes to allow

6)      The following window should appear to confirm that the patch was successful.  Please make sure it says Computer Vaccinated for Current version of Notpetya/Petya/Petna/SortaPetya

Radius-IT-Telcoms_cloud_security_ 4

 

 

 

 

 

 

For Internet Explorer and edge browser

1)      Copy and paste the following link into your browser to download the batch file https://download.bleepingcomputer.com/bats/nopetyavac.bat

2)      At the bottom of the window you will see a windows run banner, click save.

Radius-IT-Telcoms_cloud_security_ 5

 

 

 

3)      Next Click on Open Folder

Radius-IT-Telcoms_cloud_security_ 6

 

 

 

 

4)      You will now see the file in your downloads folder, right click the nopetyavac.bat and then left click run as administratorRadius-IT-Telcoms_cloud_security_ 7

 

 

 

 

 

 

 

 

5)      A windows User account control will pop up click Yes to allow

6)      The following window should appear to confirm that the patch was successful.  Please make sure it says Computer Vaccinated for Current version of Notpetya/Petya/Petna/SortaPetya

Radius-IT-Telcoms_cloud_security_ 8

 

 

 

 

 

For Mozilla Firefox

1)      Copy and paste the following link into your browser to download the batch file https://download.bleepingcomputer.com/bats/nopetyavac.bat

2)      Click Save File

Radius-IT-Telcoms_cloud_security_ 9

 

 

 

 

 

 

3)      In the top right you will see the Mozilla download arrow, click the then click the tiny open folder icon to the right of the nopetyavac.bat file

Radius-IT-Telcoms_cloud_security_ 10

 

 

 

 

 

4)      You will now see the file in your downloads folder, right click the nopetyavac.bat and then left click run as administrator

Radius-IT-Telcoms_cloud_security_ 11

 

 

 

 

 

 

 

 

5)      A windows User account control will pop up click Yes to allow

6)      The following window should appear to confirm that the patch was successful.  Please make sure it says Computer Vaccinated for Current version of Notpetya/Petya/Petna/SortaPetya


Related News


Field Service Engineer – Dublin

Field Service Engineer - Dublin Job Purpose Onsite delivery of Radius technical services, and providing superior customer service to our clients in the Dublin region. Key Tasks & Responsibilities Install,
View All

Call our sales team now on LoCall 0818 592500.

Alternatively, please send us a message via the form below and we’ll call you back.

Get in Touch

Certified Excellence


Radius maintain both ISO quality and Information Security certification. With GDPR regulations now in force, it’s critical that your IT partner handles your organisation’s sensitive data with the highest of standards.

ISO Quality and Information Security certification requires rigorous processes to be embedded at the heart of everything we do. Radius is proud to maintain this standard, awarded to only the very top tier of IT service providers.

Industry leading partnerships

Radius is a gold Microsoft partner for Datacenter and Cloud Solutions, a preferred HP and Cisco partner and a Retail Excellence Ireland gold partner. These partnerships give us unrivalled access to the best technology to support our clients’ IT and Telecoms needs.