Another interesting week
Yet again we have an interesting week in the word of Cyber security. A new variant of the Petya virus (first seen in 2016) reared its head with attacks showing mainly in Russia and the Ukraine - some UK companies have been hit though. Dubbed NotPetya (or ExPetya) due to code variations the Virus initially looks like a typical ransom-ware attack, displaying the usual 'Your files have been encrypted..' screen. However victims are reporting that there is no real way to generate a usable key for decryption purposes, in addition the virus also wipes the first few sectors of the hard disk, rendering the file system useless. This changes the attack from criminal to malicious - once a computer is infected then the only way back is a complete wipe and re-installation, changing the point from one of blackmail to one of destruction, i.e. it becomes a true Cyber-Attack. Once a computer is infected the propagation method is again via the EternalBlue hack (thought to have been developed by the US intelligence community), taking advantage of the same SMB vulnerability we saw exploited by WannaCry - responsible for the NHS problems we saw earlier in the year.
Hopefully you're not infected but again the general advice of staying up to date with security patches and having both full and recent backups (along with a well thought out backup and disaster recovery strategy) is worth its weight in lost business hours..