Petya/NotPetya Virus Spread [Stage-1]

It is no surprise that ransomware is soon going to be an $2B industry as it exploits one of easy vulnerabilities - Us! Over 80% of the ransomware infections often start with an innocent click on an email attachment. Majority of the firewalls protecting the network perimeter and installed on the client machine are not effective. In the use case shown on the left, malware takes control of the client system before it prepares for the stage 2 of the attack.

 
 
 

Petya/Notpetya Virus Spread [Stage-2]

Stage 2 is typically proliferation where the malware tries to spread laterally across the network using a combination of network scan, ping, brute force password attempts and eternal blue or eternal romance SMB vulnerabilities. In many occasions malware can remain hidden for months, studying network vulnerabilities such as open ports and patches installed as they spread across the network. Such network wide attacks can hold the entire business hostage as experienced by major hospitals in US.

 

Petya/NotPetya Virus Prevented

With the Hmatix solution, malware cannot get beyond the compromised edge device and will be immediately detected, isolated from the network and reported to administrators. Legacy security systems can take days or weeks to detect threats, as noted in a recent security breach at a credit monitoring company.