How to Protect Yourself from Petya/GoldenEye Ransomware
Recently, a new strain of ransomware attack broke out. Many organizations in Europe and the US have been crippled by the new ransomware called Petya/GoldenEye. It spreads rapidly across the world and is expanding the infection. Here’s what you need to know about Petya/GoldenEye and how to prevent the attack:
What Is Petya/GoldenEye?
Similar to WannaCry, Petya uses the Eternal Blue exploit to infect Windows devices, especially older Windows systems. Not like WannaCry which encrypts the files one by one, Petya is much more dangerous that can damage the whole hard drive, even stop you entering your system.
How Does Petya Attack Work?
While Petya is trying to infect a computer, Blue Screen of Death can be a signal, then the system will reboot by force to finish the encryption. This can be ignored easily as the process looks like Windows scanning and repairing the system itself. Once the reboot finished, the computer is encrypted and a note will pop up to alert the user to pay the ransom.
Petya/GoldenEye Ransomware Lock Screen
How to Prevent Petya/GoldenEye Attacks?
Ransomware attack can be a real disaster as it threatens your important files and money. So you need to keep alert to any suspicious action on your computer. Once you get this popup below, you should shut down your PC immediately in case of infecting Petya.
Petya/GoldenEye: Windows shut down alert
Here you are the tips to prevent Petya/GoldenEye:
Fix System Vulnerability
System vulnerability is always the target of ransomware. It’s crucial to keep your system up-to-date. Or you can go to Microsoft Official Site to download the latest patches for your older version Windows.Disable WMI service
WMI runs automatically at system startup under the LocalSystem account. The service can be used by Petya to spread the ransomware. You can google how to disable WMI service.
Note: If WMI service is not running, you cannot manage, monitor, or retrieve information about the resources on the computer, especially remotely.
Create a Stronger Password for Your System
A strong password can help you improve the security of your system by preventing malicious programs from accessing your system easily. For example, you can mix the password with capitalized letters, symbols and numbers.Close the service of SMBv1
SMBv1 is a very old deprecated network protocol and might be attacked by Petya ransomware. You can probably disable it to prevent the attack. But there's a potential impact that file and print sharing won't work anymore on a local area network.
You can search on internet how to close the service of SMBv1
Don't want to disable SMBv1? Here are the tips for you:
Only use protected networks and do NOT share important files over SMBv1 connections Block inbound/outbound SMB traffic at your border firewalls Restrict SMB to only localhost (your own computers) via local host firewalls
- Install PC Protection Program on Your Computer
The most effortless but effective way to block ransomware is making good use of a system security tool which offers anti-ransomware engine and real-time protection. You ca find many such tools on internet.
- Backup Your Important Files
To avoid losing your important files, especially encrypted by Ransomware, it’s better for you to develop the good habit to make a back-up regularly and properly.
Refrence: http://www.iobit.com/en/tips-how-to-protect-yourself-from-petya/goldeneye-ransomware-101.php?p=db
Congratulations @mmali277! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOP