5 years after NotPetya: Lessons learned

NotPetya vastly broadened the scope of damage that malware attacks could do and forced CISOs and security researchers to rethink their approach..

On June 27, 2017, the eve of Ukraine’s Constitution Day holiday, a major global cyberattack was launched, infecting more than 80 companies in that country using a brand-new cyber pathogen that became known as NotPetya. NotPetya didn’t stay within Ukraine’s borders but spilled out to infect and cause havoc for thousands of organizations across Europe and worldwide.

NotPetya was so named because it was similar to but different from Petya, a self-propagating ransomware virus discovered in 2016 that, unlike other nascent forms of ransomware at the time, was incapable of being decrypted. In another departure from the earlier forms of ransomware, Petya also overwrote and encrypted master boot records and was, therefore, considered more a form of wiper malware than bona fide ransomware.

This article appeared in CSO Online. To read the rest of the article please visit here.