Thousands of computers around the world are becoming infected by a fast spreading ransomware. Big businesses are getting hit. An entire hospital is shut out of its system, and suddenly, it's everywhere - the next big ransomware attack.

Here we go again.

A new ransomware attack by the name of Petya, took the world by storm towards the end of June 2017 after starting with a cyberattack in Kiev, Ukraine. From there, it spread to the country's electrical grid, airport and government offices. And then it began to go global, with Russia's largest oil production company, Rosneft, and one of the largest pharmaceutical companies in the world, Merck, sufferring attacks. The largest shipping company in the world based in Denmark, Maersk, was also forced to shut down several systems to prevent the spread of the attack.

Some businesses in Australia - including the Cadbury chocolate factory in Hobart - have also been attacked. 

In the Ukraine, it silently infected computers after users downloaded a popular tax accounting package or visited a local news site. It freezes a user's computer until a "ransom" of $US300 is paid in virtual currency bitcoin, with more than 30 victims reportedly paying up.

According to the director of the Australian Centre for Cyber Security at UNSW, Jill Slay, "The virus spreads apparently by having a 'bad' instruction - like a small piece of computer code - hidden inside a Word or PDF document."

"This bad instruction attacks a Windows operating system basically taking over a computer - in this case it seizes the files and encrypts them and then the bad guys ask for money to decrypt - this means you cannot open or read your own files."

Ransomware has been around for years but generally only targeted individual networks, like a single hospital or person. After the Shadow Brokers hacker group leaked National Security Agency exploits in April, cybercriminals were handed a much more dangerous weapon.

Even if you're a responsible user on an updated computer, someone on your network could be tricked into downloading malware through emails or a loaded Word document. This is why we are seeing attacks on this scale and why the word "unprecedented" is constantly thrown around.

Am I at risk?

You could be. 

It is important that businesses do the due diligence and be prepared by updating all Windows systems if not updated, and make sure all critical files are backed up. Businesses should also have a look at control systems which may not get fast updates since this virus seems to be attacking control systems such as electricity and transport.

For businesses and home computer users, make sure you:

  • Back up files

  • Turn on Microsoft updates

  • Take special care not to open emails with PDF or Word attachments if not expected or if the sender is not known

How can I tell if I have been attacked?

You'll see this message:

If you think you have been attacked, get in contact with an IT Professional immediately.