WannaCry ransomware hit the globe just over 30 days ago. It was predicted, another global ransomware attack would take place sooner or later. However, who would’ve thought instead of ransomware, it would be complete cyber warfare?
NotPetya Spreads Around the World
Initial reports of NotPetya, had researchers believing it was a variation of Petya, a previously known ransomware variant. However, NotPetya doesn’t just encrypt your files, it completely destroys the device so it is completely unusable by attacking the master boot record.
The cyber attack appeared to be targeting Ukraine. NotPetya successfully infiltrated IT systems at some of Ukraine’s most major power and transportation companies, as well as the Ukrainian government and National Bank.
However, other countries have also seen infections take place. Forbes reported Russian oil giant, Rosnoft, was hit with a “powerful hacker attack”. The US pharmaceutical giant, Merck, also was infected, along with Maersk, the world’s largest shipping industry. NotPetya also successfully infected the Australian chocolate factory, Cadbury.
Also, British advertiser WPP and law firm DLA Piper were hit with cyber attacks. Ironic, since DLA Piper touted their expertise in cyber security compliance after being unaffected by WannaCry, even offering assistance to WannaCry victims with crisis response teams and hotlines.
NotPetya Compared to WannaCry
Some reports are suggesting NotPetya is quite similar to the world’s first global attack. NotPetya is spreading through the same vulnerability WannaCry used, EternalBlue. One would think the infections would be minimal, since patches have been available for this known vulnerability for over a month. However, because patches are available does not mean businesses or end-users implement them.
WannaCry was a ransomware variant that encrypted files, and would release them after the payment demand was met. However, NotPetya completely cripples the device by not only encrypting the files, but also corrupting the master boot record. Due to the destruction of the device, it is not believed NotPetya is a ransomware attack, but a major cyber weapon instead.
PC Matic Customers
There is no evidence that any PC Matic customers have been infected. PC Matic will continue to monitor the situation.