logo

Computer Security Breach in Notpetya Cyber Attack

10 Pages2248 Words160 Views
   

Added on  2020-02-24

Computer Security Breach in Notpetya Cyber Attack

   Added on 2020-02-24

ShareRelated Documents
PART ACOMPUTER SECURITY BREACH THAT OCCURED IN JUNE 2017- NOTPETYA CYBER ATTACKINTRODUCTIONComputer Security Breach is an event that infects individual/organizations systems and causes illegal access of data, applications, services and networks by affecting their basic security mechanism. Data security breaches occur almost daily but some of the worst data breaches happened in the year 2017. NotPetya , a major cyber attack began on 27th June 2017.It affected networks in various countries across the globe. The malicious malware shares its code with a former ransomware Petya, but is so called due to key differences in its operation. The main purpose of said attack was to damage IT systems and spread quickly. The attackers never had the intention of obtaining any sort of financial gain by extorting money. The malevolent malware is also popular by the name of Petya, Nyetya, ExPet and few other names(Hackett,2017). Although the cyber attack was more complex than WannaCry still it had few flaws. The ransomware infects the system by locking the computer’s hard drive and stored individual files.ASSESSMENT OF THE ISSUEThe global cyber attack infected more than 2000 systems in various countries across the world. NotPetya began in Ukraine where government departments, Kiev’s airport and metro station were the worst affected organizations. Chernobyl power plant’s radiation monitoring system was also largely affected due to transitory shutdown of the windows system(Burgess,2017). Similarly, Maersk, the world’s largest shipping company has also confirmed that its system in Rotterdam has been infected. Several companies across US and
Computer Security Breach in Notpetya Cyber Attack_1
Europe were not able to access their systems despite paying the ransom, thereby being the main victims of the said attack. Systems in established firms such as WPP, Mondelez a food company, law firm DLA Piper, AP Moller-Maersk- Danish shipping and transport firm, SaintGobain- French construction materials company, Evraz and Rosneft-Russian steel and oil firms were also badly hit. Thus, it is clearly understood that the attack was severe and ran its destructive course.The current attack took advantage of Eternal Blue vulnerability in Microsoft Windows, the hackers used Eternal Blue exploit developed by US National Security Agency which was leaked in April by the Shadow Brokers hacker group (Brandom,2017). The said ransomware targeted the network’s administrator tools. However, there were other ways also with which the virus spread (McGoogan). Petya targets the hard drive and not only the individual files, hereby inflicting more damage on systems. It not only encrypts the data but also restricts the system to work on the whole and results in permanent erasure of important data. Hence, the said attack is even more hazardous than WannaCry cyber attack as it not only makes the victim’s system inoperable but could also pilfer important information. Further, due to the complexity and severity of the said attack, it has become almost impossible to stop it from spreading internationally. There is no clarity as to who is behind the attack (Rothwell et.al. 2017). Petya has been regarded as “deliberate, malicious, destructive attack or perhaps a test disguised as ransomware”, as per security researcher Nicholas Weaver. Hence, it is clear that the said attack was designed to cause maximum damage and spread fast with no intention to make money.SOLUTIONS TO PREVENT SUCH ATTACKSSince Petya targets EternalBlue vulnerability in older Windows systems, downloadingthe patches that Microsoft provides is the best solution to the problem. In the month of
Computer Security Breach in Notpetya Cyber Attack_2
March, 2017, a security patch was released by Microsoft to safeguard the system against vulnerabilities exploited by Petya. Regular back up of all files is also one of the prominent solution to prevent such attacks. Also, focusing on the prevention of cyber attacks before theyhave actually happened with Next Generation Threat Prevention is important. Since once the files are encrypted with the said virus nothing i.e. not even payment guarantees the decryption of files, having an updated antivirus installed in the system is the best line of defence. Hence, in order to safeguard the system from the said virus several anti-virus companies have updated their software (Haynes,2017). Apart from this, increasing cyber hygiene policies and employee education is also an important solution to prevent such attacks. Phishing e-mails are the universal ransomware delivery vector. Training employees about the current security threats and potential risk of suspicious-looking emails can prevent the ransomware from entering the network. Lastly, making sure that the password is complex and protecting system while using public wi-fi are some of the other ways of protecting the system from being infected by the said virus.CONCLUSIONHence, it can be summarized that the year 2017 experienced one of the worst ransomware attack by the name of Petya. It is the second major attack in the month of May and June, first one being WannaCry which took place in the month of May. However, the outcome of the former is considered to be even more dangerous than the latter as the main aim of NotPetya was disturbance with a relatively small share of profit. Also, there is no option of recovery as it restricts access to the entire system if no backup is taken. Thus, proper updation of system with latest anti-virus along with adequate backup is the key to its prevention.
Computer Security Breach in Notpetya Cyber Attack_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Computer Security Breach - Notpetya Cyber Attack
|8
|2322
|148

Introduction to Cyber Attacks
|8
|2095
|327

ITC595 Information Security
|12
|2472
|132

Information Security in an Organization
|12
|2808
|45

ITC595 - Information Security | Cyber attack
|13
|2565
|126

Cyber Security: WannaCry Ransomware Attack Discussion 2022
|10
|1923
|20