Petya also known as NotPetya is the latest ransomware attack all over the world.
It makes use of vulnerability similar to the previous WannaCry ransomware attack. Petya is spreading all over Europe, showing that there are still many individuals and organizations that have not updated their software, despite several cyberattacks in the recent months.
Even the devastating effects of the WannaCry cyberattacks could have been vastly reduced, if organizations and individuals had updated their software. The cyber attacks showed that thousands of devices in over 150 countries are still not protected. They are still operating on outdated software, so they are still vulnerable to such cyber attacks. WannaCry had attacked powerful organizations, such as the NHS in Britain, FedEx, Telefonica of Spain and also the Interior Ministry in Russia. All these systems were not updated to the latest software.
With the spread of WannaCry, security experts all over the world recommended that individuals and companies should immediately update their software. Despite many such alerts to the public, many organizations failed to update the software and have fallen victim yet again to the recent Petya ransomware attacks.
It was a flaw in the security features that led to the earlier WannaCry attack. Microsoft soon fixed this in the month of March this year. Those who updated their software with the fix from Microsoft are safe. Shadow Brokers, the hacking group that obtained the information from the NSA in the US, revealed information related to the security flaws.
Hackers then got into these systems on account of the security flaw. They demanded ransom from victims who wanted their data back.
Individuals and organizations could have kept their computers safe, just by updating their software after the first WannaCry attacks. They could have protected their devices from the latest Petya at the least.
However, users are not willing to update on a regular basis, as it takes time. Many of those who were interviewed by the Edinburgh University and the Indiana University, stated that it was very frustrating to update the software. Windows was offered frequent updates, on a monthly basis, on the second Tuesday each month and also in between at times. However, the updates took plenty of time and it interrupted their work. Due to this, many users were unwilling to update and preferred putting it off as much as possible.
Some people were afraid that the updates would interfere with the regular programs on their software. Companies running several computers on special software were specifically concerned in this regard and would, therefore, put off updating the software.
Also, many users feel that some updates are really not necessary and just routine ones. They ignore security warnings and ignore the regular monthly updates. Microsoft mentions on the label whether the updates are important or critical. However, the information is not enough and users are not able to set a priority for the updates. Instead, if they were informed that a ransomware attack could be made on their computer if they do not install a particular update, users would be more prompt in updating their software.