In March 2017, the WannaCry ransomware attack occurred which was believed to be one of the largest ransomware attacks in history. Discussions of this past attack and who should take the blame has been previously discussed in our blog and newsletter. Now, just a few months later there has been another major cyberattack. At the end of June 2017, another large ransomware attack occurred, which has been called Petya. This ransomware attack is similar to WannaCry in that it locks up the computer files using encryption and demands a ransom in order to unlock the files. This ransomware also takes advantage of the vulnerability within the Microsoft Windows computers that have not yet updated to the latest software.
This attack began in Europe and spread to the United States. The North American Treaty Organization (NATO) says that a “state actor” was behind the Petya ransomware attack. NATO also stated that there is a possibility that the attack was not done by a state actor, but that it would have been done by a non-state actor who had the approval and support from another state. They believe this because Petya was very complex and expensive to run. According to NATO, if it is found that Petya was done by a state actor, then it would mean that this cyberattack could potentially be viewed as an act of war.
The Petya attack has hit over 12,000 different devices in 65 countries. More than 30% of the institutions that were affected by this attack were financial organizations. Industrial organizations, such as, utilities, oil and gas, transportation, and other companies were also targeted and it is believed that they made up half of the targets.