The cyber attack, which broke out yesterday, violated the normal operation of the computing systems of large enterprises and administrations. The Secretary of State, responsible for information technology in France, says of the cyberattack of an "unprecedented" level, writes Le Figaro journalist Benjamin Ferran.
The computer virus spread on Tuesday, its impact is still unknown, but it, undoubtedly, managed to sow panic around the world. Here are the main elements that need to be clarified, the author of the article.
What is it about? The virus forces you to reboot for a few minutes (10 minutes to 1 hour). Then he will digitize the data in the computer's memory.
A message appears on the screen asking to transfer $ 300 in bitcoins and send proof of payment to an email address in order to get the key to decryption and see your files in their original form. It's about a virus-extortionist, or ransomware in English, says the article.
"Experts on information security believe that this is a variant of the extortion virus Petya, discovered in May 2015," the journalist reports.. - According to Kaspersky Lab, which prefers the name NotPetya, this is a completely new virus ".
Who is vulnerable to this cyberattack Petya affects computers running in the Windows operating system. It was seen in the versions of Windows XP, Windows 7 and Windows 10.
Who are the main victims The first focus was located in Ukraine, there were struck dozens of large companies of all countries, including banks, as well as Mars, Nivea, Auchan and government websites. The malicious program quickly spread to businesses in the rest of Europe and the US, article says.
What is the origin of these cyberattacks? This is the subject of the investigation, starting Tuesday. According to many experts from Cisco Systems and Eset, the virus could be downloaded into the update of the Ukrainian accounting automation system MeDoc.
Who is behind this virus The WannaCry virus was attributed to the hacker group Lazarus associated with North Korea, due to signs of similarity to the information code of the previous virus. This time there are no traces, says the article.
"The main version of the investigation focuses on the Russian trace," said the Chief Military Prosecutor of Ukraine Anatoly Matios, without giving any evidence. Ukraine, which fell prey to large-scale attacks in the past, has already accused its Russian neighbor of carrying out campaigns against it to destabilize. Kiberataka December 2015 affected its energy system, depriving electricity of 230 thousand. Person for 6 hours. However, the Petya virus also affected Russian interests. The work of banking institutions was disrupted, and the oil company Rosneft was forced to switch to a reserve management system, "Ferran writes..
Is this cyber attack unprecedented? Based on the elements we have on Wednesday morning, nothing can make such a hasty conclusion, the journalist believes..
As noted by the specialized site MalwareTech, Petya is spreading more slowly than the WannaCry virus, because it scans only internal networks, the journalist continues.
What to do against cyber attacks of this type All experts, in particular, from the French National Agency for Information Systems Security (Anssi), prescribe never to pay ransom.
As for the Petya virus, the email address used to collect evidence of payment was blocked, the article says..
"There are only two elementary methods, nevertheless, they are often forgotten. Regularly backup your files - what happens through the enterprise security policy. And update their computing systems. Microsoft offers corrective maintenance that corrects the vulnerability used by the WannaCry virus and re-selected by the Petya virus, "concludes Ferran.