A new global ransomware outbreak is currently underway and it is being called Petya. It looks to be a closely related sibling of the WannaCrypt ransomware that ran rampant last month because it is also using the same SMBv1 vulnerability in unpatched Windows systems to spread.

You would have thought with all the attention the WannaCrypt Ransomware outbreak received that there would have been a distinct effort to address the vulnerability by companies and individuals around the world.

It appears that was not the case and this opportunity to harden system security was laid to the side since the WannaCrypt attack, while very widespread, was cut short accidentally by a malware researcher in the UK when they registered a domain that was referenced in the attack code.

Even WannaCrypt should not have been as widespread as it was, because back in March of this year Microsoft released security patches for all supported versions of their Windows operating system to address the vulnerability, which uses the ancient SMBv1 protocol in Windows. They followed that up with the unprecedented step of releasing patches in May to fix unsupported versions of Windows including XP and Vista.

So it is obvious that many companies and individuals simply chose not to patch their systems, or have a delayed process for evaluating those patches during the very critical window in which attackers try to infect systems before they are all patched.

Following the WannaCrypt attacks, the Internet and tech blogs were full of articles about the importance of installing security patches without delay and, in this case, disabling SMBv1 on your active Windows systems to close off that vulnerability.

Here is just a sampling of what we have written here at SuperSite: Windows and ITPro: Windows about WannaCrypt, SMBv1, and system patching over the last few weeks:

-- Despite WannaCry, Open SMB Ports Persist

-- Resources: Handling SMB v1 in Managed Environments with Group Policy

-- Microsoft & Security: Older Windows OS's Once Again Receive Security Patches for Critical Threat

So before you go much further please patch your systems and get the systems you are responsible for updated. If you need to also remove this protocol from your systems, Ed Bott has that covered over on ZD Net with instructions for individual systems, using Group Policy, and PowerShell.
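As an added example (not taken from this article or from the ZDNet instructions it links to), the PowerShell script below reports whether SMBv1 is still enabled on the local machine and, when run with the switch, disables it. It assumes Windows 8.1/Windows 10 or later and an elevated session; the function name `Get-Smb1Status` and the `-Remediate` switch are hypothetical names chosen for this sketch.

```powershell
# Added example: audit SMBv1 on the local machine and optionally disable it.
# Assumes Windows 8.1 / Windows 10 or later and an elevated PowerShell session.
[CmdletBinding()]
param(
    [switch]$Remediate   # hypothetical switch: without it the script only reports
)

function Get-Smb1Status {
    # Server side: will this machine accept inbound SMBv1 connections?
    $serverEnabled = (Get-SmbServerConfiguration).EnableSMB1Protocol

    # Optional feature: is the SMBv1 component installed at all?
    # The lookup can fail on some editions, so a missing result is reported as 'Unknown'.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol `
                   -ErrorAction SilentlyContinue

    # Client side: the mrxsmb10 driver service. Start = 4 means disabled;
    # a missing key means the driver has been removed.
    $driver = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\mrxsmb10' `
                  -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Computer          = $env:COMPUTERNAME
        ServerSmb1Enabled = $serverEnabled
        FeatureState      = if ($feature) { $feature.State } else { 'Unknown' }
        ClientDriverStart = if ($driver)  { $driver.Start }  else { 'NotPresent' }
    }
}

$before = Get-Smb1Status
$before | Format-List

if ($Remediate) {
    if ($before.ServerSmb1Enabled) {
        # Stop accepting SMBv1 on the server side; takes effect without a reboot.
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    }
    if ($before.FeatureState -eq 'Enabled') {
        # Remove the SMBv1 client/server component; completes after a restart.
        Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
    }
    Get-Smb1Status | Format-List   # show the state after remediation
}
```

Disabling SMBv1 closes off the protocol but does not replace installing the security patches; do both.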

Last week we learned that Microsoft is going to take even more aggressive steps in the next release of Windows 10 to completely uninstall the SMBv1 protocol on systems when the Fall Creators Update is released this fall.

Although more details will come to light in the aftermath of this latest threat, including who is behind it, you can never go wrong with keeping your systems patched and updated. We live in a world where attackers will attempt to use any vulnerability to gain a foothold in your systems and networks. The critical question here is whether you are prepared to deal with the consequences of your decision on both a personal and business level.

Here are some recommended resources for following the Petya Ransomware news:

-- Twitter Moment: Cyber-attack spreads around the world from Ukraine

-- @SwiftOnSecurity - An extremely knowledgeable individual in the world of cyber-security in the persona of Taylor Swift. Can be rough around the edges but well respected in the community.

-- @Mikko - Chief Research Officer at F-Secure and well-known speaker on the subject of cyber-security.

Remember, as with any fast-moving incident, Twitter is a great resource for quick takes in the initial stages of any global event, but keep an eye out for the wrap-ups from this event to get a better idea of what happened.

P.S. Have you patched your systems and turned off SMBv1 yet?

