Abstract
Ransomware attacks have been growing worldwide since they appeared around 2012. The idea of ransomware attacks is, encrypting and locking the files on a computer until the ransom is paid. These attacks usually enter the system by using Trojans, which has malicious programs that run a payload that encrypts and locks the files. The basic goal of this type of attack is getting money, so hackers usually unlock the files when they receive the money, but really there is no guarantee of that. Ransomware attacks have various versions such as Reveton, CryptoWall, WannaCry, and Petya. The Petya attack is the attack that this paper discusses, especially the most recent version of it, which is referred as NotPetya. This paper defines the NotPetya attack, explains how it works, and where and how it spreads. Also, this paper discusses four solutions available to recover after a system infected by the NotPetya attack and propose the best solution depending on intense research about the recovering solutions of this attack.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Alert (TA17-181A) Petya Ransomware, US-CERT (2017). [Online]. https://www.us-cert.gov/ncas/alerts/TA17-181A. Accessed 7 Nov 2017
O. Solon, A. Hern, Petya’ ransomware attack: what is it and how can it be stopped?, The Guardian (2017) [Online]. https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-attack-who-what-why-how. Accessed 7 Nov 2017
Q. Yeh, A.J. Chang, Threats and countermeasures for information system security: a cross-industry study. Inf. Manag. 44, 480–491 (2007)
P. Bedwell, A deep dive into the NotPetya ransomware attack, Lastline (2017) [Online]. https://www.lastline.com/blog/notpetya-ransomware-attack/. Accessed 7 Nov 2017
L. Abrams, Petya Ransomware skips the Files and Encrypts your Hard Drive Instead, Blee**Computer (2016). [Online]. https://www.blee**computer.com/news/security/petya-ransomware-skips-the-files-and-encrypts-your-hard-drive-instead/. Accessed 7 Nov 2017
A. Kharpal, ‘Petya’ ransomware: All you need to know about the cyberattack and how to tell if you’re at risk, CNBC (2017). [Online]. https://www.cnbc.com/2017/06/28/petya-ransomware-cyberattack-explained-how-to-tell-if-youre-at-risk-or-been-attacked.html. Accessed 7 Nov 2017
T. Fox-Brewster, 3 Things You Can Do To Stop ‘NotPetya’ Ransomware Wrecking Your PC, Forbes (2017). [Online]. https://www.forbes.com/sites/thomasbrewster/2017/06/28/three-things-you-can-do-to-stop-notpetya-ransomware-wrecking-your-pc/#6f276e377b05. Accessed 7 Nov 2017
I. Thomson in San Francisco 2017 at 03:19 tweet_btn(), Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide, The Register®—Biting the hand that feeds IT (2017). [Online]. https://www.theregister.co.uk/2017/06/28/petya_notpetya_ransomware/. Accessed 8 Nov 2017.
Symantec Security Response, Petya ransomware outbreak: Here’s what you need to know, Symantec (2017). [Online]. https://www.symantec.com/connect/blogs/petya-ransomware-outbreak-here-s-what-you-need-know. Accessed 8 Nov 2017
S. Eschweiler, Decrypting NotPetya/Petya: Tools for recovering your MFT after an attack, CrowdStrike (2017). [Online]. https://www.crowdstrike.com/blog/decrypting-notpetya-tools-for-recovering-your-mft-after-an-attack/. Accessed 7 Nov 2017
J. Splinters, NotPetya ransomware virus. How to remove? (Uninstall guide), 2-spyware (2017). [Online]. https://www.2-spyware.com/remove-notpetya-ransomware-virus.html#data-recovery! Accessed 7 Nov 2017
Patrik, Petya.A/NotPetya virus removal——How to protect computer, My AntiSpyware (2017). [Online]. http://www.myantispyware.com/2017/06/28/petya-notpetya-virus/. Accessed 7 Nov 2017
CASPAR, Guide to remove NotPetya ransomware permanently, Viruses Removal Pro (2017). [Online]. http://provirusesremoval.com/guide-remove-notpetya-ransomware-permanently/. Accessed 7 Nov 2017]
P. Paganini, Ransomware: How to recover your encrypted files, the last guide, Security Affairs (2016). [Online]. http://securityaffairs.co/wordpress/53438/malware/ransomware-recover-guide.html. Accessed 7 Nov 2017
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Fayi, S.Y.A. (2018). What Petya/NotPetya Ransomware Is and What Its Remidiations Are. In: Latifi, S. (eds) Information Technology - New Generations. Advances in Intelligent Systems and Computing, vol 738. Springer, Cham. https://doi.org/10.1007/978-3-319-77028-4_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-77028-4_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-77027-7
Online ISBN: 978-3-319-77028-4
eBook Packages: EngineeringEngineering (R0)