Security Alert: Ransomware That Encrypts System Files

We should have seen this coming—ransomware that breaks your Operating System!

ZDNet reports that a strain of ransomware called Petya that once contracted, replaces the Master Boot Record (MBR) with a malicious loader forcing a system restart that loads the virus instead of the Operating System. After the restart, the PC runs a fake CHKDSK scan, encrypting the Master File Table (MFT) which in effect hides all files on the system, making them inaccessible.

After the infection has run its course, the victim is presented with a screen giving instructions on how to make the ransom payment, presently about $370.

Attempting to fix the MBR using the FixMBR command doesn’t work and experts currently agree that presently, there is no cure other than paying the ransom or reinstalling your entire system from scratch—losing everything in the process.

So far, phishing emails carrying the Petya ransomware have been targeting German companies, but experts agree that we’ll see it here in the U.S. very shortly.

Make sure you tell all of your employees to be very careful and not to click on any links or open attachments in emails especially those from senders they do not know.

It is now more important than ever to protect your business with a Hybrid-cloud Business Continuity solution rather than just data backup. Ransomware like Petya and Cryptolocker can literally put a company out of business. Don’t be a victim— instead be proactive.

For more information, call (845) 362-9675 or email us to find out how XSolutions can help protect your business.

Joseph Imperato Sr. is the Managing Partner for XSolutions Consulting Services, a Managed Services Provider (MSP) delivering Computer Support, Business Continuity, Cloud Services, and IT Consulting to New York, New Jersey, and Connecticut businesses. Call us at (845) 362-9675 and see how we can help your company.