“NotPetya is exploiting the same vulnerabilities as Wannacry,” Vaultize CTO and co-founder Ankur Panchbudhe said. “But its scale could be much larger, its monetary impact globally more painful, as it sweeps through the US and other Western countries as the day goes on. So far, there's no 'kill switch' like there was with WannaCry.”

According to the Reuters news network, the ransomware took down servers at Russia’s largest oil company, hijacked computers at U.S. Merck offices and wreaked havoc at Ukrainian banks and disrupted operations at the Danish shipping company A.P. Moller-Maersk, which manages 1 out of every 7 freight containers worldwide. Government agencies were also affected – Swiss terminals in India were hijacked.

 Affected companies may have failed to heed warnings after Wannacry

NotPetya appears to be targeting the same or similar vulnerabilities leveraged by Wannacry last month, and many companies that took care to beef up IT and data security in its wake might be safe from today’s attacks.

Still, with over 80 companies and counting reporting problems, it’s clear that many didn’t act quickly enough or at all to safeguard their sensitive data and customer information. Petya is believed to have spread through phishing emails, so email security at affected organizations may also be lax.

No workaround

Today’s ransomware, originally believed to be a variant of the Petya ransomware family, sports two layers of encryption that are frustrating researchers attempting to design a workaround for impacted businesses.

"There is no workaround to help victims retrieve the decryption keys from the computer," a representative at the Romanian security company Bitdefender said in a Reuters report.

Ransomware defense: endpoint back up and OS updates

Installing recent Windows patches designed to shore up weak points exploited by Wannacry may have kept some businesses safe from today’s attacks, but the best defense against ransomware attacks is endpoint backup.

By backing up data on all endpoints that may contain sensitive information, IT can simply roll back systems to versions before the malicious software gained entry. It’s a simple solution.

Read more about endpoint backup.

More about us

Vaultize is an innovative data security company that allows customers to track and control their documents from creation to deletion on any device, anywhere. From CYA to compliance, Vaultize provides data protection without restricting use. Vaultize’s platform utilizes DRM and encryption to secure any and every file, protect those files no matter where they travel, and provide visibility into who is accessing them and how they are being used. The Vaultize platform is nearly transparent to users, scalable and flexible to deploy. For more information, visit www.vaultize.com.