• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

Ex-PepsiCo CEO Indra Nooyi worked from midnight until 5 a.m. as a receptionist to pay for her Yale degree—and she says ‘respect went up’ because of it

2

Current price of gold as of July 8, 2026

3

Iran strikes 85 U.S. military sites in the Gulf, sparking a global selloff in stocks and a spike in the price of oil

1

Ex-PepsiCo CEO Indra Nooyi worked from midnight until 5 a.m. as a receptionist to pay for her Yale degree—and she says ‘respect went up’ because of it

2

Current price of gold as of July 8, 2026

3

Iran strikes 85 U.S. military sites in the Gulf, sparking a global selloff in stocks and a spike in the price of oil
TechCybersecurity

Everything to Know About The Latest Worldwide Ransomware Attack

Robert Hackett
By
Robert Hackett
Robert Hackett
Down Arrow Button Icon
Robert Hackett
By
Robert Hackett
Robert Hackett
Down Arrow Button Icon
June 27, 2017, 3:57 PM ET
Add Fortune on Google for similar content.

Meet the sequel to WannaCry, the wide-ranging ransomware attack that crippled businesses around the globe last month.

On Tuesday, another widespread ransomware attack began halting unprepared businesses in their tracks. The new attack uses the same method of propagation as WannaCry: A leaked hacking tool called Eternal Blue, which has been linked to the U.S. National Security Agency.

One of the major differences between the two attacks is that the most recent event does not yet appear to be susceptible to a hardcoded “kill switch.” That means it may prove harder to overcome.

Security experts have been warning organizations that failed to apply security patches to their Microsoft Windows-based computer systems that it was only a matter of time before another digital siege surfaced. It seems their predictions have borne true.

Get Data Sheet, Fortune’s technology newsletter.

Here’s a quick FAQ to get you up to speed.

What has happened?

A wave of ransomware attacks spread like wildfire on Tuesday. Many Microsoft Windows-based computers—specifically, ones not protected against a vulnerability in a Microsoft messaging protocol called SMB-1—began seizing up worldwide, locking employees out of their desktops, and displaying ransom notes.

Unable to access their files and folders, workers and managers were greeted by on-screen demands for payment of $300 in Bitcoin, a digital currency often used by cyber extortionists because it’s easy to send and hard to track.

Who has been affected?

The attack struck organizations in the U.S., Australia, Italy, Germany, Poland, Ukraine and Russia. Costin Raiu, director of global research at Russian security firm Kaspersky Labs, posted a bar graph on Twitter showing the geographic distribution of victims, according to what his firm could measure. (Kaspersky’s customer base skews towards Russian-speaking countries, which might explain the spread.)

https://twitter.com/craiu/status/879727503157473281

Some of the affected companies include Maersk (AMKBY), the Danish shipping giant, Rosneft, the Russian oil company, WPP, the British advertising agency, and Merck (MRK), the U.S. pharmaceutical giant. There are reports that the attack has also affected banks, hospitals, governments, airports, and other organizations.

What is Petya?

Initial analyses suggested that the latest wave of attacks involved malware based on Petya, a type of ransomware that first surfaced last year. Further investigations have disputed this analysis. In lieu of a better name, some cybersecurity firms, such as Kaspersky, have begun referring to the latest malware as “NotPetya.”

Jeremiah Grossman, chief security strategist at the cybersecurity firm SentinelOne, told Fortune there isn’t enough evidence yet to uncover the malware’s provenance. “This outbreak has similar characteristics as Petya, such as infecting the MBR [Master Boot Record, an important component of Microsoft computer hard drives] and encrypting the entire drive, however, it is not clear yet that this is a Petya variant,” he said.

How did this happen?

Companies that failed to patch their systems against the Microsoft vulnerability were open to this attack. It’s still not clear what the initial attack vector was. But once inside, the worm could spread across computer networks via the hole in Microsoft SMB-1.

It seems that many of the organizations affected by the malware operated industrial systems. These machines can be hard to patch because they run critical processes are difficult to take offline. “Organizations like these typically have a hard time patching all of their machines because so many systems simply cannot have down time,” said Chris Wysopal, cofounder and chief tech officer of Veracode, an application security firm purchased by CA Technologies earlier this year.

What can businesses do to protect themselves?

There are a few simple steps businesses can take, as the cybersecurity firm Palo Alto Networks (PANW) explains on its “threat brief” blog. First, apply Microsoft patch MS17-010. Second, block connections to Microsoft Windows’ port 445, the part of the operating system associated with the vulnerable protocol. And finally, maintain regular data backups, and use them to restore systems.

Should you pay the ransom?

This is a continual source of debate in the information security community. The general belief is, no, you should not pay the ransom. For one, there’s no guarantee extortionists will return your files. Second, funding cybercriminals will encourage them to develop similar attacks in the future.

Still, sometimes companies take a gamble and pay up in the hopes that the criminals will restore access to their files and information. In this case, it appears as though customers will not be able to reclaim their data even if they do pay up. Posteo, the email service chosen by the attackers, said it blocked the account they created, meaning the extortionists have lost their channel to communicate with victims and hand over decryption keys. Despite this, the attackers’ Bitcoin wallet had already received 28 transactions equaling 3 Bitcoins, or more than $7,000, as of 3 P.M. ET on Tuesday.

Do not pay the #Petya ransom. You will not get your files back. The email address used is blocked! @SwiftOnSecurity @thegrugq pic.twitter.com/NOzxLz0vul

— haveibeencompromised (@HIBC2017) June 27, 2017

 

About the Author
Robert Hackett
By Robert Hackett
Instagram iconLinkedIn iconTwitter icon
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

Microsoft’s emissions surged 25% in 2025 during data center boom
EnvironmentMicrosoft
Microsoft’s emissions surged 25% in 2025 during data center boom
By Matt Day and BloombergJuly 9, 2026
2 hours ago
Peter Cancro shakes oregano over an open sandwich.
RetailFood and drink
Jersey Mike’s $12 billion IPO filing reveals a $50 million payday for the founder’s stepson and a $41 million jet
By Sasha RogelbergJuly 9, 2026
3 hours ago
Meta releases latest update of AI model Muse Spark as tech giant accelerates AI push under Alexandr Wang
AIMeta
Meta releases latest update of AI model Muse Spark as tech giant accelerates AI push under Alexandr Wang
By Ben WeissJuly 9, 2026
4 hours ago
Amazon CTO Werner Vogels speaking on stage.
NewslettersEye on AI
Amazon’s CTO on how developers can ride the AI-powered coding wave
By Beatrice NolanJuly 9, 2026
4 hours ago
‘Sony essentially destroys its own defense’: How its disc-free PS5 plan triggered a $457M lawsuit and  undercut its antitrust defense
LawSony
‘Sony essentially destroys its own defense’: How its disc-free PS5 plan triggered a $457M lawsuit and  undercut its antitrust defense
By Mia OsmonbekovJuly 9, 2026
4 hours ago
Fed’s Williams says AI is now his main inflation concern
EconomyFederal Reserve
Fed’s Williams says AI is now his main inflation concern
By Maria Eloisa Capurro and BloombergJuly 9, 2026
5 hours ago

Most Popular

Ex-PepsiCo CEO Indra Nooyi worked from midnight until 5 a.m. as a receptionist to pay for her Yale degree—and she says ‘respect went up’ because of it
Success
Ex-PepsiCo CEO Indra Nooyi worked from midnight until 5 a.m. as a receptionist to pay for her Yale degree—and she says ‘respect went up’ because of it
By Preston ForeJuly 6, 2026
3 days ago
Current price of gold as of July 8, 2026
Personal Finance
Current price of gold as of July 8, 2026
By Danny BakstJuly 8, 2026
1 day ago
Iran strikes 85 U.S. military sites in the Gulf, sparking a global selloff in stocks and a spike in the price of oil
Newsletters
Iran strikes 85 U.S. military sites in the Gulf, sparking a global selloff in stocks and a spike in the price of oil
By Jim EdwardsJuly 8, 2026
1 day ago
Shark Tank's Kevin O'Leary says if he were 25 today, he'd chase these two booming opportunities in the world of AI
AI
Shark Tank's Kevin O'Leary says if he were 25 today, he'd chase these two booming opportunities in the world of AI
By Marco Quiroz-GutierrezJuly 5, 2026
4 days ago
Mining CEO worth $24 billion nearly drowned and had to break his own leg in a freak hiking accident—he used the recovery time to go back to school
C-Suite
Mining CEO worth $24 billion nearly drowned and had to break his own leg in a freak hiking accident—he used the recovery time to go back to school
By Eleanor PringleJuly 8, 2026
1 day ago
Investment firm's cofounder sues after being fired for neglecting the in-person work mandate he signed, saying it applies to employees not owners
Law
Investment firm's cofounder sues after being fired for neglecting the in-person work mandate he signed, saying it applies to employees not owners
By Jason MaJuly 5, 2026
4 days ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.