If a computergets infected, this is first indicated by a request to reboot the computer. If the computer is immediately turned off, the harddrive can either be removed and the files recovered on an uninfected machine OR  the computer can be booted with a  live OS  and the data removed. In both cases, the hard drive will need to be then cleaned and the software and data reinstalled

It appears that effective protection includes ensuring security patches are up to date and using anti-malware software  - several anti-malware vendors claim to provide protection against the current Petya malware.

References

https://www.itnews.com.au/news/petya-designed-to-destroy-not-ransom-users-466929?eid=3&edate=20170629&utm_source=20170629_PM&utm_medium=newsletter&utm_campaign=daily_newsletter

https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b

http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1036&context=isw

https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/

https://fas.org/irp/eprint/snyder/infowarfare.htm

 


© 2022 Design Out Crime and CPTED Centre. All Rights Reserved.