Jan 11, 2023

Not-Petya Cyber Attack (Russia vs Ukraine)

One of the most recent attacks using malware was an event known as NotPetya (Not-pet-ya), a massive Russian cyber attack directed toward Ukraine in 2017. The attack was targeted at an accounting software firm called MeDoc (Mee-Doc), whose software is used all over Ukraine and in other parts of the world. When the attack started, it was thought to be regular ransomware, because the clients who were locked out of their computers were given a message that read “you must pay $300 in Bitcoin in order to decrypt your files.” Cyber analysts found that the ransomware was similar to a type of malware called Petya, which was released in 2016. It was later determined, however, that this new ransomware was a hybrid of Petya and another type of computer worm that was much more dangerous. This discovery is what led to the attack being called NotPetya.

It was quickly determined that NotPetya was much more dangerous than regular ransomware and that this was a targeted cyber warfare attack on Ukraine. The ransomware used in NotPetya was simply a carrier for a much more dangerous form of crypto-malware, which would spread to any computer on a network and permanently cut off access. If a victim were to pay the $300, nothing would actually happen. NotPetya completely shut down Ukraine, since a large number of businesses used MeDoc and were therefore exposed. This included electric companies, credit card processors, banks, public transportation and much more. To make matters worse, the NotPetya malware spread outside of Ukraine and into other parts of the world, including right back into Russia.

Some of the largest companies in the world were affected by the NotPetya attack, including FedEx, the Maersk shipping company, the law firm DLA Piper, Mondelez International and Merck & Co., a U.S.-based pharmaceutical company. One of the most devastating effects of the attack was felt by the shipping company Maersk, which sustained a 10-day shutdown of 76 ports around the world and diminished function for over 800 shipping vessels. This caused dozens of multi-kilometer lines of trucks that couldn’t get through the front gates of various ports. Other companies that sustained serious damage were FedEx, which spent $400 million in remediation, and Merck & Co., which lost around $135 million in sales from the event.

The NotPetya attack is one of the most recent examples of cyber warfare used as a military option on the battlefield. This attack was used in conjunction with other forms of non-kinetic warfare to destabilize Ukraine in a multi-year war Russia has waged on Ukraine. The attack was so successful that it quickly spread throughout Ukraine and immediately shut down a multitude of essential services. The mechanism that the malware used for replication was so effective that it caused damage all over the world almost immediately after it was released. This example highlights one of the key elements of this report by demonstrating how a regional conflict between two nation states can have devastating consequences for the rest of the world. The increased dependence on technology and the interconnectedness of global services create a never-before-seen vulnerability for completely unrelated third-party organizations, governments and individuals.
