June 27, 2017

Forcepoint Statement on June 27 Worldwide Ransomware Attack – Petya

Forcepoint Security Labs is aware of a new variant of the Petya ransomware that impacts organizations worldwide. Reports are coming in from organizations in the UK, Ukraine, Netherlands, Spain, the United States and other markets. We have identified the ransomware as being able to spread laterally within an organization via a vulnerability in the SMBv1 protocol. 

The attacks are linked through the use of a common bitcoin wallet and below is a screenshot of the ransomware message displayed on infected systems.  

While we're still learning more about this new variant of the Petya ransomware, we advise everyone as a first step to refamiliarize yourself with advice given during the Wannacry outbreak (links below). We're actively investigating this outbreak and will share more information soon.

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.