NotPetya: the cyber attack that changed the face of cyber security

The global devastation of the NotPetya cyberattack: Analysis of a borderless cyber conflict

In 2017, the NotPetya cyber attack, originating from Russia and targeting Ukraine, infected MeDoc software, affecting vital sectors and causing global damage. It turned out to be destructive rather than aimed at collecting a ransom. Russian GRU unit 74455 was held responsible.

In the summer of 2017, we witnessed a cyber attack of unprecedented proportions, starting from Russia and aimed at Ukraine. This episode, known as NotPetya, represents one of the most devastating examples of cyber warfare, highlighting how today's hostilities can also manifest themselves through cyberspace. The Ukrainian company Linkos, producer of the accounting software MeDoc, became the starting point of this attack. The updated software proved to be a vehicle for the virus, quickly infecting a vast computer network and causing immense damage around the world. This event highlights how digital infrastructures have become strategic objectives in modern conflicts.

The devastating impact on Ukraine

The NotPetya attack had serious consequences in Ukraine, with multiple sectors affected: seven banks, airports, the Kyiv metro, the national railway company, media, electricity providers, telephone operators, hospitals, clinics, and distribution chains. The radioactivity sensors at Chernobyl also stopped working. Estimates indicate that nearly one in ten computers in Ukraine was rendered inoperable, causing a significant loss of GDP. Some businesses took months to recover. The collaboration with Talos, Cisco's IT security division, was fundamental, as it helped identify the spread of the virus via MeDoc, confirming the sophistication of the attack.

Global damage and ripple effects

The repercussions of NotPetya were not limited to the Ukrainian borders. Global companies such as FedEx, Maersk, Mondelez, and Merck suffered significant disruptions to their operations. At the Paris headquarters of BNP Paribas, almost all of the computers were rendered useless, forcing employees to return to traditional methods of communication. Experts launched a global race to understand the genesis and spread of NotPetya, identifying the MeDoc software as the initial vector. The speed at which the virus propagated, paralyzing thousands of machines in a few minutes, surprised many and revealed an autonomous replication capability built in by its creators.

The genesis and attribution of the attack

NotPetya stood out from other ransomware because of its indifference to the ransom. Even when victims paid the required $300 in bitcoin, the compromised data was not recovered. This suggested that the objective of the attack was not economic, but purely destructive. The investigation led to the identification of unit 74455 of the GRU, Russia's military intelligence service, as the mastermind behind the operation. The United States and the United Kingdom officially declared Russia responsible in early 2018. In 2020, several GRU officers were indicted by the American justice system, confirming the involvement of senior Russian military officials in the conception and implementation of NotPetya and highlighting the danger of cyber warfare in the modern geopolitical context.

06/09/2024 20:43

Editorial AI
