The (Not)Petya problem
Ever heard of the quote “Some men just want to watch the world burn”? It’s one that definitely resonates with the people (or person) behind the creation of the destructive NotPetya ransomware – otherwise referred to as GoldenEye, ExPetr or PetrWrap – which spread like wildfire right after IT professionals worldwide were left reeling from the crippling effects of WannaCry.
But a common misconception about NotPetya is that it is a form of ransomware; it is actually a wiper. Hybrid cloud IT data protection company Acronis believes that, unlike WannaCry, which had been intentionally designed to lock down the entire IT infrastructure of a company until a ransom is paid, the objective of NotPetya is simple: to wreak as much havoc as possible by destroying data.
Cybersecurity experts initially thought that NotPetya was related to the Petya ransomware that was released back in March 2016, but later on discovered that they were dealing with a completely different monster altogether, for reasons explained in the preceding paragraph. Hence its name – NotPetya.
However, it should be mentioned that NotPetya does use the same EternalBlue exploit as the WannaCry ransomware to propagate itself. There’s no need for you to imagine how devastating NotPetya can be should it manage to wriggle its way into the IT infrastructure of multi-billion dollar enterprises and conglomerates around the globe, because it has already happened.
The world’s biggest shipping company, Maersk, which handles one in seven containers shipped globally, was one of the victims of NotPetya. The Copenhagen-based shipping giant told Reuters that several of its IT systems across the globe suffered an outage as a result of the NotPetya cyberattack, causing a chain reaction that impacted all business units at the company, including container shipping, port and tug boat operations, oil and gas production, drilling services, and oil tankers.
WPP, the world’s biggest advertising agency and parent company of several advertising and PR firms including Ogilvy & Mather, MediaCom and Burson-Marsteller, wasn’t spared from the NotPetya pandemic either. The agency announced on its official Twitter account that a number of IT systems across several of its companies had been affected by the attack, and it took slightly over a week to bring its services back to normal.