Digital forensics expert from Gunadarma University Ruby Alamsyah stated that although coverage of Petan ransomware attack is low, the impact can be more dangerous than Wannacry's ransomware.
"The impact of infection is more dangerous than Wannacry, but from the way it spreads, Petya is still lower in scope than Wannacry," Ruby said in Jakarta, Thursday (6/7).
According to Ruby, so far Ransomware Petya there is no indication of infection in Indonesia. He explained, the low spread of infecting computer network patterns, because Petya does not encrypt Master File Table (MFT) and Master Boot Record (MBR).
However, Petya's ransomware that endemic at the end of June 2017 it has infected hundreds of thousands of computers in 64 countries that pushed by wipe or delete data permanently and can not be recovered or repaired.
The difference with Wannacry Petya is still able to access Windows on his computer device. This is because Wannacry only attacks document files in Windows OS. "Victims of infection Petya can not use the computer at all because before the OS starts, the system immediately locked," said Ruby.
Related to the possibility of the spread of Ransomware Peyta can penetrate the banking information technology (IT) system, he said so far there is no indication that because Petya itself is still using the same Windows security hole, namely MS17-010.
In addition, banking institutions that have a higher security risk, of course, have to update or patch the operating system. "When users have to update their Windows Operating System with Microsoft MS17-010 patch, automatically he will be immune to Petya and Wannacry," he explained.
Ruby who also participate in the establishment of the State Siber and Sandi Agency (BSSN) is said, in terms of chronology and pattern of its initial distribution, ranomware Petya first circulated in Ukraine. Its spread through a security loophole in Ukrainian accounting software (software) called MeDoc, then infect into the local network on the computer network.
"Victims are still more focused in Ukraine, Russia, Europe, and America are likely to use a similar system," said Ruby.
"The impact of infection is more dangerous than Wannacry, but from the way it spreads, Petya is still lower in scope than Wannacry," Ruby said in Jakarta, Thursday (6/7).
According to Ruby, so far Ransomware Petya there is no indication of infection in Indonesia. He explained, the low spread of infecting computer network patterns, because Petya does not encrypt Master File Table (MFT) and Master Boot Record (MBR).
However, Petya's ransomware that endemic at the end of June 2017 it has infected hundreds of thousands of computers in 64 countries that pushed by wipe or delete data permanently and can not be recovered or repaired.
The difference with Wannacry Petya is still able to access Windows on his computer device. This is because Wannacry only attacks document files in Windows OS. "Victims of infection Petya can not use the computer at all because before the OS starts, the system immediately locked," said Ruby.
Related to the possibility of the spread of Ransomware Peyta can penetrate the banking information technology (IT) system, he said so far there is no indication that because Petya itself is still using the same Windows security hole, namely MS17-010.
In addition, banking institutions that have a higher security risk, of course, have to update or patch the operating system. "When users have to update their Windows Operating System with Microsoft MS17-010 patch, automatically he will be immune to Petya and Wannacry," he explained.
Ruby who also participate in the establishment of the State Siber and Sandi Agency (BSSN) is said, in terms of chronology and pattern of its initial distribution, ranomware Petya first circulated in Ukraine. Its spread through a security loophole in Ukrainian accounting software (software) called MeDoc, then infect into the local network on the computer network.
"Victims are still more focused in Ukraine, Russia, Europe, and America are likely to use a similar system," said Ruby.
No comments:
Post a Comment