Petya
Outbreak

Petya ransomware, also known as PetrWrap, has hit organizations all over the world.

And just like WannaCry, it's completely seizing systems people rely on.

How do we protect our customers against Petya?

F-Secure endpoint products offer protection against the Petya ransomware on several layers to ensure that attacks can be stopped at multiple places along the attack chain.

F-Secure's vulnerability management product flags known vulnerabilities within the system for remediation, and our managed incident response service, F-Secure Rapid Detection Service, detects a large number of the TTP techniques used by Petya, allowing our customers to take immediate remediative actions in the case an infection is detected.

MULTIPLE LAYERS OF PROTECTION

Software Updater

Keeps computers and third-party software up-to-date and free of vulnerabilities.

Security Cloud

F-Secure's Security Cloud functionality detects and blocks the DLL file used by the ransomware.

Download Whitepaper

Anti-Malware

F-Secure's Anti-Malware engine detects and blocks the threat via multiple complementary signature detections.

F-Secure's Firewall

F-Secure's default firewall settings prevent the Petya attack from spreading laterally in the environment and encrypting files.

Want to secure your business today?

Get in touch to learn more about how F-Secure protects you.

WHAT SHOULD YOU DO TO PROTECT YOURSELF

F-Secure endpoint solutions block the Petya attacks with their default settings. However, it is always a good idea to check that all security functions are enabled. You should also take steps to mitigate the exploited vulnerability and prevent the attack from spreading in your environment.

 

  1. Ensure DeepGuard and real-time protection is turned on in all your corporate endpoints.
  2. Ensure that F-Secure Real-time Protection Network is turned on.
  3. Ensure that F-Secure security program is using the latest database update available.
  4. Identify endpoints without the Microsoft issued patches (4013389) with Software Updater or another patch management tool, and patch them immediately.
    • Apply MS17010 to Windows Vista and later (Windows Server 2008 and later)
    • Apply Microsoft's patch to Windows XP or Window Server 2003
    • In case you are unable to apply the patch immediately, we recommend you disable SMBv1 with the steps documented at Microsoft Knowledge Base Article 2696547 in order to reduce your attack surface
  5. Ensure that F-Secure Firewall is turned on with its default settings. Alternatively, configure your firewall to properly block 445 in- and outbound traffic within your organization to prevent Petya from spreading within your environment.
THE COMPONENTS OF A SOLID CYBER SECURITY OPERATION

Managed Detection and Response

Our enterprise-grade managed service detects, quantifies and gathers evidence regarding advanced attacks. When we detect an attack, you'll know about it in less than 30 minutes.

Vulnerability Management

Our powerful, scalable vulnerability scanning and management service will help you identify and remediate known vulnerabilities in any platform or web application.

Endpoint Protection

Endpoint protection is the cornerstone of cyber security. Our endpoint security products have been powered by next-generation technologies such as behavioral analysis and machine learning for a decade.

ADDITIONAL RESOURCES

Interested in securing your organization against ransomware and other vulnerabilities?

Get in touch to learn more about our offering. Protect yourself before it's too late.