NotPetya Much Worse Than WannaCry

Uploaded on 2017-11-08 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

NotPetya was 2017's most damaging ransomware attack, according to analysis from malware experts, beating notable campaigns such as Locky and WannaCry.

While WannaCry gained notoriety through sky-high infection rates and its impact on the NHS, which saw 81 of its bodies affected, researchers from security company Webroot said that the less widespread NotPetya outbreak was actually more dangerous, due to the fact that it was specifically engineered to disrupt and damage important systems.

The two malware strains are heavily based on the same exploit, a flaw in Windows Server Message Block system codenamed EternalBlue, which was part of a series of alleged NSA hacking tools dumped by the Shadow Brokers.

"This past year was unlike anything we've ever seen," said Webroot's vice president of engineering and cyber security, David Dufour. "Attacks such as NotPetya and WannaCry were hijacking computers worldwide and spreading new infections through tried-and-true methods.

"Although headlines have helped educate users on the devastating effects of ransomware, businesses and consumers need to follow basic cyber security standards to protect themselves."

A variant of the Petya ransomware from last year, NotPetya was first discovered in June 2017. Unlike most ransomware, NotPetya wasn't designed to encrypt files in order to extort money from victims. Instead, its goal was to wreak as much havoc on systems as possible, spreading within networks and permanently scrambling filesystems.

In fact, the researchers discovered that its resemblance to ransomware was nothing more than a cover to disguise its true purpose - even if victims paid, there was no way for NotPetya's creators to decrypt their files.

NotPetya, WannaCry and Locky were dubbed the nastiest malware campaigns of 2017 by Webroot, with other strains such as Cerber, CrySis and Nemucod also making the list.

ITPro:

You Might Also Read:

UK Health Service Should Have Prevented WannaCry Attack:

Postmortem: WannaCry Ransomware Explained:

Microsoft Chief Says N. Korea Was Behind 'WannaCry':

« Russian Hacking Went Far Beyond US Election
Bank Robbery: Cyber Criminals Steal $1Billion »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resilient Information Systems Security (RISS)

Resilient Information Systems Security (RISS)

RISS is a research group is in the Department of Computing at Imperial College London.

Aptive Consulting

Aptive Consulting

Aptive is a cyber security consultancy providing Penetration Testing and Vulnerability Assessment services.

MNCERT/CC

MNCERT/CC

MNCERT/CC is the national Computer Emergency Response Team for Mongolia.

Emerson Electric Co

Emerson Electric Co

Emerson provides industrial automation systems and associated cybersecurity solutions to protect critical process control systems from cyber attack.

IDnext

IDnext

IDnext is the open and independent platform to support innovative approaches in the world of the Digital identity.

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

Junglemap

Junglemap

Junglemap provide nanolearning training courses on ransomware, information security and GDPR.

NRI Secure Technologies

NRI Secure Technologies

NRI SecureTechnologies is a Cybersecurity group company of the Nomura Research Institute (NRI) and a global provider of next-generation Managed Security Services and Security Consulting.

Cequence Security

Cequence Security

Cequence secures web, mobile, and API applications. We discover all apps, detect malicious bots, and stop attacks with an AI-integrated security platform.

Innovasec

Innovasec

Innovasec provide information security consulting and training services.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.

Turk Telekom

Turk Telekom

Turk Telekom is the first integrated telecommunications operator in Turkey.

ANY.RUN

ANY.RUN

ANY.RUN is an interactive online malware analysis service created for dynamic as well as static research of multiple types of cyber threats.

BTQ Technologies

BTQ Technologies

BTQ is a global quantum technology company focused on securing mission critical networks.