We would like to share that MCMC NSC have recently received numerous open-source reports about a widespread ransomware known as “Petya”
that is affecting various organizations across Russia, Ukraine, Spain, France, UK, India and Europe.
Please stay vigilant and be prepared for any possibility of attacks from this ransomware.
- Update and install the official patch (MS17-010) from Microsoft, which closes the affected SMB Server vulnerability used in this attack.
- Refer Microsoft Knowledge Base Article 2696547 to disable SMBv1.
- Disable Windows Management Instrumentation Command-line (WMIC).
- Create a file i.e. “C:\Windows\perfc” to prevent ransomware infection.
- Backup important data to an external hard drive or cloud storage service.
- Run and update latest antivirus.
Reference for your perusal :