Acronis Active Protection Proven Vs. Petya

What is Petya, and how does it work?
The Petya variant of ransomware is different from Wannacry as Petya impacts the Master Boot Record (MBR). It first reboots the computers, and then encrypts the HDD’s file table (MFT), which renders the MBR inoperable. From this point forwards, it restricts access to the system by seizing information of file names, sizes and location on the physical disk. Finally, Petya replaces the computer’s MBR with its own code, which displays the ransom note once the system is powered up.

There has been reports in Australia of businesses being affected by the Petya ransomware, namely the Tasmanian Cadbury chocolate factory, law firm DLA Piper, and the Jawaharlal Nehru Port Trust. If the Wannacry attacks in May this year are any indication, the Petya ransomware could potentially be spread worldwide within the next 72 hours.

The Rise of Ransomware-as-a-Service
The Petya variant of ransomware also gives rise to a new, if not unsavory, business model: Ransomware-as-a-service (RaaS). While there is still some debate as to whether it is a variant of Petya, GoldenEye, or a new version of Wannacry, people can be sure that it was definitely not from the original author of the Petya variant of ransomware. This means that hackers actually purchased the source code and used the models to create the attack.

While the potential payouts from ransomed victims can amount in millions, the ransomware is incredulously cheap, between $50 to $150, depending on per usage or the actual ransomware source code. The authors then offer their ransomware on the darknet, and offer a generous portion of the paid ransom amount to potential distributors, while the author pockets the rest.

Acronis Active Protection – Proven Against Petya
In tests conducted on the Petya ransomware, it can be confirmed that the Acronis Active Protection can protect users from attacks.

Anti-virus solutions utilize signature-based detection, and targets a specific characteristics of the virus in order to prevent it from affecting the system. Active Protection utilizes heuristics detection, which monitors a set of processes and procedures that ransomware and malware follow through during an attack.

The Active Protection has been tested by MRG Effitas and AV Test GmbH, and has been proven effective against the threat of ransomware, and is available with Acronis True Image 2017 new generation for consumers, as well as Acronis Backup 12.5 for businesses.