Petya, as WannaCry, will stay in some people's mind still a long time!
Petya is based on the same NSA's stolen and leaked EternalBlue and EternalRomance SMB exploits. It also uses a bunch of tools, including PsExec and WMICto spread all over the network and infect other machines.
Sadly, because a lot of organizations still have a flat network (e.g. no network segregation), Petya can easily use NSA exploits to gain administrator access on a machine and then, leverages that power to control other computers all over the network.
When Petya got admin access, it will lift credentials out of the RAM to access other internal systems and rewrite the local machine's hard drive's MBR so that when the machine will reboot, the message starting with "Ooops, your important files are encrypted." will be displayed. Furthermore, it will also encrypt, with AES-128, the filesystem tables and files on the drive. This means that there is no way to get the keys to restore your documents. So please, don't pay the ransom!
Multiple actions are required to improve your security to face this threat:
Need assistance? We are here to help you!