24/7 Service, Same Day Diagnostics

Our Latest Tweets

Protecting Yourself and Your Business from Petya and NotPetya

Secure Data Recovery Breaks Ground in Recovering Data Wiped by Petya


On June 27, a new virus began infecting computers throughout Europe. Disguised as ransomware, it locked infected computers, producing a message on their screens requiring users to pay $300 in order to have their machines unlocked. For the better part of that day, the tech community assumed it had just been struck by another attack of ransomware. The following day, they learned quite differently.

Upon further analysis of the virus, cybersecurity experts concluded that it was never designed to restore access to infected computers. Rather, it was designed to crash and wipe data from computers. This abruptly shifted the problem from one of restoring machine access to a much more dire one-lost data.

Besides its obvious disguise, another part of the reason why tech analysts initially concluded that this attack was ransomware is that the offending program appeared to be an altered version of the known Petya virus, which was indeed just that. Specifically, Petya was modified to remove this ability by, instead of encrypting the hard drive, utterly destroying it. As such, researchers at Kaspersky Lab in Russia renamed the malware NotPetya.

Companies Hit by Petya and NotPetya

Among the larger corporations hit by this modified malware are AP Moller-Maersk, a shipping and transport firm in Denmark; DLA Piper, a legal firm; Mondelez, a food company; Rosneft and Evraz, two steel and oil firms in Russia; Saint-Gobain, a construction materials company in France; and WPP, a U.K. advertising firm. Even U.S. targets have been hit, such as Heritage Valley Health System, a health care facility operator in Pittsburgh.

How to Protect Yourself from Petya and NotPetya

There are a few ways you can help to protect yourself against this most recent attack. First, be sure to keep your cybersecurity software updated. Most antivirus software developers are already issuing patches and updates to protect against this latest threat. Additionally, analysts have discovered that, even if Petya does infect a user's computer, if it can't find the file, C:\Windows\perfc.dat, that triggers its functions, its destructive capabilities won't be unleashed on that computer. The computer will, however, remain infected and capable of infecting other computers. If, on the other hand, your computer is already infected and the malware was able to locate a C:\Windows\perfc.dat file on your hard drive, then your biggest concern now is not getting your computer back online but data recovery. In either case, if this malware exists on your computer, you'll want it removed. Secure Data Recovery's track record of success has extended to recovering data from hard drives wiped by NotPetya. Contact us today if you believe your computer may have been struck by malware.

Request Help
Call for Immediate Assistance
24 Hour Service Expert Hotline
Alternatively, you can also fill out
a request help form online
Submit Help Request
Article Search
Secured & Certified


We are