I find this whole scenario with this Petya Ransomware fascinating and a bit peculiar.
Firstly, I absolutely cannot condone the actions of the culprits, however, I think a huge amount of responsibility needs to rest on Companys' and ISPs.
According to the ABC article below ... the virus is spread as Word and PDF docs. As an end user in a rushed work environment, it's very difficult to know in an email communication world what is genuine or not. A bit of pot luck here. Personally, unless I absolutely know the sender (and have checked the from address) not just the name it's from, I don't open it. Now why aren't the ISPs filtering these attachments out?
What I don't understand is why we don't have double handshake email verification of sender address on ALL ISP email systems. Maybe someone in the infrastructure admin space can help me understand that one better. I get so much spam each day from junk email addresses - surely it could be instantly halted.
Secondly, in my experience, I have seen senior executives in various corporations time after time reject investment in the end user Operating Systems and core network and email infrastructure systems.
How many end users in various large Tier 1 private, public and govt organisations are still using Windows XP (which is now unsupported) and Windows 7 (which is almost a decade out of date). I have been very close to some of these discussions before and have been astounded by executive response to the risk being outlined. It really is unacceptable. As a private user and small business user, I am on the latest patch of Windows 10. Surely if a small business can get it right, the big ones can too.
Now I hear all my CIO friends screaming at me saying it's just not that simple. Of course I know that - there are applications that only run on old kit and OS's - but again, that's due to a lack of investment to upgrade old code and decommission old apps and upgrade old hardware. To me it shows a level of negligence and ignorance that executives/directors and shareholders should not stand for.
Right now, I'm waiting for some parcels from TNT Express - I believe they have been obliterated by this virus. We have tried to contact them on the phone over the last 48 hours, and have spent at least 1hr per time trying to get through to them. Their Customer Service has no clue how to handle the crisis, so instead just don't answer the phone. Not a good result for your Customers TNT Express.
What are your experiences and thoughts through the last 48hrs?