Home / Blog / General / Petya ransomware attack spreads across Europe

July 1, 2020

Firms worldwide, major government departments and government infrastructure have been hit by yet another ransomware attack, affecting many European countries, particularly the Ukraine, but also in the Netherlands and the UK, amongst others – (as of Tuesday 27th June)

The Ukraine central bank, as well as Kiev airport and metro have been paralysed.

Cyber attack

Initial analysis points to a variation of the known Petya strain of ransomware, which exploits the same ExternalBlue vulnerability as previously brought to attention following the WannaCry ransomware outbreak.

Like WannaCry, the Petya malware exploits a Microsoft Windows vulnerability in the Microsoft Server Message Block (SMB) v1.0 protocol

Microsoft released a critical security patch, MS17-010, for this vulnerability in March 2017:

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Given the severity and virulent nature of the malware, Microsoft has since released emergency patches for older (unsupported) operating systems like Windows XP.

https://www.microsoft.com/en-us/download/details.aspx?id=55247