NotPetya Much Worse Than WannaCry

NotPetya was 2017's most damaging ransomware attack, according to analysis from malware experts, beating notable campaigns such as Locky and WannaCry.

While WannaCry gained notoriety through sky-high infection rates and its impact on the NHS, which saw 81 of its bodies affected, researchers from security company Webroot said that the less widespread NotPetya outbreak was actually more dangerous, due to the fact that it was specifically engineered to disrupt and damage important systems.

The two malware strains are heavily based on the same exploit, a flaw in Windows Server Message Block system codenamed EternalBlue, which was part of a series of alleged NSA hacking tools dumped by the Shadow Brokers.

"This past year was unlike anything we've ever seen," said Webroot's vice president of engineering and cyber security, David Dufour. "Attacks such as NotPetya and WannaCry were hijacking computers worldwide and spreading new infections through tried-and-true methods.

"Although headlines have helped educate users on the devastating effects of ransomware, businesses and consumers need to follow basic cyber security standards to protect themselves."

A variant of the Petya ransomware from last year, NotPetya was first discovered in June 2017. Unlike most ransomware, NotPetya wasn't designed to encrypt files in order to extort money from victims. Instead, its goal was to wreak as much havoc on systems as possible, spreading within networks and permanently scrambling filesystems.

In fact, the researchers discovered that its resemblance to ransomware was nothing more than a cover to disguise its true purpose - even if victims paid, there was no way for NotPetya's creators to decrypt their files.

NotPetya, WannaCry and Locky were dubbed the nastiest malware campaigns of 2017 by Webroot, with other strains such as Cerber, CrySis and Nemucod also making the list.

ITPro:

You Might Also Read:

UK Health Service Should Have Prevented WannaCry Attack:

Postmortem: WannaCry Ransomware Explained:

Microsoft Chief Says N. Korea Was Behind 'WannaCry':

« Russian Hacking Went Far Beyond US Election
Bank Robbery: Cyber Criminals Steal $1Billion »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

40Cloud

40Cloud

FortyCloud is a Cloud Security Broker providing an abstract security layer for cloud infrastructure deployments that is decoupled from the underlying cloud infrastructure.

Redicom

Redicom

Redicom is an independent consulting agency focusing on identity management, strong authentication and single-sign-on.

Ovarro

Ovarro

Ovarro is the new name for Servelec Technologies and Primayer. Ovarro's technology is used throughout the world to monitor, control and manage critical and national infrastructure.

Applied Engineering Solutions (aeSolutions)

Applied Engineering Solutions (aeSolutions)

aeSolutions offers performance-based process safety engineering and automation solutions. Services include industrial cybersecurity.

Simula Research Laboratory

Simula Research Laboratory

Simula Research Laboratory carries out research in the fields of communication systems, scientific computing and software engineering.

Shift Technology

Shift Technology

Shift Technology provides insurance companies with an innovative SaaS solution to improve and scale fraud detection.

Lumen Technologies

Lumen Technologies

Lumen is an enterprise technology platform that enables companies to capitalize on emerging applications and power the 4th Industrial Revolution (4IR).

Information and Communication Technology Authority (ICT Authority) - Kenya

Information and Communication Technology Authority (ICT Authority) - Kenya

The ICT Authority is responsible for enforcing ICT standards in Government and ensuring information security.

NanoLock Security

NanoLock Security

NanoLock delivers the industry’s only end-to-end platform for the IoT and connected devices ecosystem.

ThreatGen

ThreatGen

ThreatGEN™ works with your team to improve your resiliency and industrial cybersecurity capabilities through an innovative and modernized approach to training and services.

KBR

KBR

To help governments and other agencies to combat cyber threats, KBR is safeguarding their most valuable systems with sophisticated tools, hardware and training.

Dark Intelligence

Dark Intelligence

Dark Intelligence, created by Protective Intelligence, is the world’s first independent Dark Web Security Operations Centre.

AnaVation

AnaVation

AnaVation is a trusted partner delivering high-value, cost-effective solutions that solve the most complex technical and analytical problems for our customers.

IN4 Group

IN4 Group

IN4 Group is a skills, innovation and start-up services provider that specialises in supporting businesses with the training, communities, networks and advice they need to scale.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

Nagios

Nagios

Nagios is a powerful tool that provides you with instant awareness of your organization’s mission-critical IT infrastructure.