Ransomware – Not Petya – What You Can Do

UPDATE – This malware has now come to be considered a Cyberweapon, and not Ransomware, in that it appears the intent was never to restore victims’ data. Please, if you are infected, do not attempt to pay – your data will not be restored.


If you’re following the news you may have heard that a really nasty ransomware worm has been wreaking havoc on computers around the world. A hospital here in WV was hit today, and more and more large companies are announcing they have been affected.

In light of this, you may be wondering what you can do to protect yourself. Well, it turns out there appears to be something of a “vaccine” against this particular bug. Here’s a link to a walkthrough – we highly recommend you take these preventative measures right away, even if you think it is fairly unlikely that you would actually be infected.

Basically, the malware looks for a file called “perfc” – if it doesn’t find it on your computer, it starts its attack. Creating a dummy perfc file with no extension can prevent the worm from locking down your system!
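As an added example (not part of the original post or the walkthrough it links to), this PowerShell function creates the dummy perfc file if it is missing and reports what it did. The post names only the file, so the folder (the Windows directory) and the read-only attribute are assumptions here, and `Set-PerfcMarker` is a made-up name.

```powershell
# Added example: create the dummy "perfc" marker file described above.
# Run from an elevated PowerShell prompt; writing to the Windows folder needs admin rights.
function Set-PerfcMarker {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Assumption: the post does not name a folder; the Windows directory is assumed.
        [string]$Directory = $env:SystemRoot,
        # File name from the post, deliberately without an extension.
        [string]$Name = 'perfc'
    )

    $path = Join-Path -Path $Directory -ChildPath $Name
    # -Force so a hidden or system file with this name is still found.
    $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue

    if ($item -and $item.PSIsContainer) {
        # A folder called perfc is not the dummy file the post describes.
        throw "'$path' exists but is a directory; check it by hand."
    }

    $action = 'AlreadyPresent'
    if (-not $item) {
        if (-not $PSCmdlet.ShouldProcess($path, 'Create empty marker file')) { return }
        $item = New-Item -Path $path -ItemType File -ErrorAction Stop
        $action = 'Created'
    }

    # Assumption: read-only is extra hardening so the marker is not casually replaced.
    if (-not $item.IsReadOnly -and $PSCmdlet.ShouldProcess($path, 'Set read-only')) {
        $item.IsReadOnly = $true
    }

    $item.Refresh()
    [pscustomobject]@{
        Path     = $item.FullName
        Action   = $action        # 'Created' or 'AlreadyPresent'
        ReadOnly = $item.IsReadOnly
        Length   = $item.Length   # 0 when this function created the file
    }
}

# Preview first with -WhatIf, then run for real.
Set-PerfcMarker -WhatIf
Set-PerfcMarker
```

The function is safe to run repeatedly: an existing file is left in place and only reported.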

Ok… what else?

Aside from the “vaccine” the standard advice still holds true: don’t open email attachments from unknown or questionable sources. In general, you probably shouldn’t be getting any .zip or .exe files as email attachments, and it’s probably best to avoid any email other than what you would normally expect to see.

Definitely, make sure you are using an anti-virus program – we can’t emphasize this enough. Whatever you are using, make sure it is up to date. The same goes for Windows – get any Windows security updates installed right away.

If you browse the internet a lot, consider using a browsing safety tool like Web of Trust. Make sure your browser is up to date. Even better, consider running programs like your web browser in a sandbox, to make sure there’s no way an infection can get through.

Also, we recommend that you don’t do your day-to-day email and web-browsing on an Administrator account. If you insist, at least make sure to double check that your User Account Control Settings are at a level you are comfortable with.

Some antivirus suites like BitDefender have a built-in ransomware protection tool, which will prevent any unauthorized changes to specified files and folders.

backups. Backups. BACKUPS! BAAAAACCCKKKKKKKUUUUUUUUUPPPPPPPSSSSSS!!!!!

Finally, you ABSOLUTELY HAVE TO HAVE BACKUPS! If you don’t have backups of your important files, I guarantee you will lose them one way or another. If you are just backing up your computer to an external hard drive, ransomware has become sophisticated enough to detect and encrypt your external hard drives too. If you are relying on Windows’ built-in Volume Shadow Copy Service (file history), these worms will find those backups and erase them. Because of this, we recommend you keep full backups of your important files in separate locations.

If you are concerned about ransomware and would like more information, or if you need help implementing any of these loss prevention measures, please don’t hesitate to reach out. At RBG we would be happy to be of assistance.
