NotPetya, the recent ransomware attack that infected PC’s around the world spread faster than the notorious WannaCry ransomware. Its rapid proliferation wasn’t the only thing that set NotPetya apart. According to security experts, this attack is now being regarded as an effort of sabotage and disruption, not an attempt to make money. Erik and Amy discuss NotPetya’s spread and how difficult it can be to trace the origin of cyberattacks on this segment of the Bottom Line IT.
According to the respected researcher known as the grugq, “this is definitely not designed to make money. This is designed to spread fast and cause damage.” This malware’s true purpose was to create as much damage as possible and do permanent and irreversible damage to a computer’s hard drive. The Malware was highly sophisticated, exploiting popular accounting software. The code that NotPetya’s creator borrowed from the year-old Petya ransomware appears to have been used as a misdirection. The infected computers prominently display an email address that victims are supposed to contact to receive a decryption key. Unsurprisingly, the company hosting that inbox quickly shut it down when NotPetya began to spread. Any cybercriminal hoping to receive payments would’ve seen that coming and been more discrete. It’s unlikely, then, that whoever unleashed NotPetya ever cared about receiving payment emails from victims.
This malware really targeted Ukraine, where 60% of the infections occurred. It is not known if this was an act of aggression or war. It is very hard to pinpoint where this types of attacks come from. Digital footsteps can get muddied; accurately determining who was responsible could be incredibly difficult. Ukraine has suggested Russia may have been behind the attack, which struck on the eve of Ukraine’s constitution day, which celebrates the country’s split from the Soviet Union. Russia annexed Crimea from Ukraine in 2015 and pro-Russia separatists continue to fight government troops in the east of the country. Some security experts agree that further investigation will reveal that Russian hackers were behind NotPetya.
Listen to the segment here:
FOR MORE INFORMATION ABOUT ASK
To learn more about ASK’s cyber security services and how we can help your business take the hassle out of technology, contact us today!