Articles about NotPetya

In 2017, WannaCry caused significant disruption to the UK public and private sector. The disruption highlighted vulnerabilities within corporate and government systems, most notably within the UK. It impacted hospitals, healthcare facilities and social care, causing operations and admissions to be cancelled, delayed, or postponed.

The attack exposed a lack of robust cyber security measures, failings in basic IT administration and emphasized the importance of investing in strong defenses to safeguard critical public infrastructure. It prompted a renewed focus on cyber security within the UK and initiated efforts to enhance resilience against future cyber threats.

Continue reading →

A new report from cloud-native network detection and response company ExtraHop shows that on the fourth anniversary of the WannaCry attack a high percentage of IT environments are still running known vulnerabilities.

It shows the continuing use of ill-advised and insecure protocols, including Server Message Block version one (SMBv1), which was exploited by the WannaCry ransomware variant to encrypt nearly a quarter of a million machines worldwide, and is still found in 67 percent of environments.

Continue reading →

The US government has joined the government of the UK in pointing the finger of blame at Russia for the NotPetya cyberattacks. The ransomware/destructoware hit computers around the world last June.

After speculation that the attack was a state-sponsored one carried out by Russia, this position has now been confirmed as the White House accused the nation of the "reckless and indiscriminate." At the same time, the UK's National Cyber Security Centre said that the Russian military was "almost certainly" responsible for the attack.

Continue reading →

Ransomware is often considered a somewhat low-stakes annoyance: in most cases, the data itself doesn’t leave the network and public operations aren’t compromised. NotPetya changed the game -- it’s shown us the potential of how wildly damaging ransomware infections can be from here on out. It can feel like science fiction at times, but is now utterly reasonable to consider any data or device with a CPU and memory on your network as something that can be held hostage by ransomware.

Ransomware has proven to be a lucrative endeavor: more and more central and important systems are being targeted. Cryptolocker targeted family photos. Later variants somewhat indiscriminately encrypted any user file they had access to -- and last month, we saw NotPetya locking out machines entirely.

Continue reading →

Police in the Ukraine have seized the servers of Intellect Service, a company supplying accounting software, as part of their investigation into the NotPetya ransomware attack.

A malicious update to Intellect's MeDoc accounting package is believed to have been responsible for some of the initial NotPetya infections.

Continue reading →

The ransomware attack we reported yesterday may have begun in the Ukraine, but it spread rapidly across Europe and has now hit companies in Australia and the US including pharmacy giant Merck.

A variant of the Petya ransomware now being dubbed 'NotPetya', it spreads initially by phishing emails and once on a system the ransomware demands $300 in bitcoin. When it's installed on one system behind a firewall it's able to spread rapidly to others on the same network.

Continue reading →