Petya Mainly A Threat To Unprepared And Unwilling Organizations

Petya ransomware

ANALYSIS: Despite repeated warnings and the experience last month provided by the WannaCry ransomware, organizations that failed to prepare for known threats found they were most subject to the Petya malware

When the Petya malware arrived in Europe this week, it seemed at least at first like a repeat the WannaCry cyber-attacks in May.

The victims were running Microsoft Windows computers that had not been patched to close a vulnerability in the SMBv1 protocol.

Microsoft issued the patch in mid-March, and since that time the company has released security updates for Windows versions stretching back to XP. Yet those computers remained vulnerable.

Petya ransomware

Petya ransomware

When the Petya malware emerged this week companies in Europe were the hardest hit, although some U.S. companies were affected as well. If there is any good news, it’s that the rate of infection seems slower than last time and the malware doesn’t seem to be as efficient at attacking across networks as WannaCry was.

In addition, the lower rate of infection may be the result of organizations actually applying Microsoft’s patches on a timely basis.

But the obvious question has to be, why aren’t some companies bothering to fix their Windows operating systems, even in the face of an obvious threat? The excuses are many. Some IT managers worry that a patch may somehow break something in their IT environment.

Others don’t have the resources to do their jobs. Some organizations don’t have an actual IT staff, while in others work with shadow IT environments in which nobody really knows what computers are systems they are running and which need maintenance.

Originally published on eWeek

Continues on page 2…