NotPetya Much Worse Than WannaCry

NotPetya was 2017's most damaging ransomware attack, according to analysis from malware experts, beating notable campaigns such as Locky and WannaCry.

While WannaCry gained notoriety through sky-high infection rates and its impact on the NHS, which saw 81 of its bodies affected, researchers from security company Webroot said that the less widespread NotPetya outbreak was actually more dangerous because it was specifically engineered to disrupt and damage important systems.

The two malware strains are heavily based on the same exploit, codenamed EternalBlue, which targets a flaw in the Windows Server Message Block (SMB) system and was part of a series of alleged NSA hacking tools dumped by the Shadow Brokers.

"This past year was unlike anything we've ever seen," said Webroot's vice president of engineering and cyber security, David Dufour. "Attacks such as NotPetya and WannaCry were hijacking computers worldwide and spreading new infections through tried-and-true methods.

"Although headlines have helped educate users on the devastating effects of ransomware, businesses and consumers need to follow basic cyber security standards to protect themselves."

A variant of the Petya ransomware from last year, NotPetya was first discovered in June 2017. Unlike most ransomware, NotPetya wasn't designed to encrypt files in order to extort money from victims. Instead, its goal was to wreak as much havoc on systems as possible, spreading within networks and permanently scrambling filesystems.

In fact, the researchers discovered that its resemblance to ransomware was nothing more than a cover to disguise its true purpose - even if victims paid, there was no way for NotPetya's creators to decrypt their files.

NotPetya, WannaCry and Locky were dubbed the nastiest malware campaigns of 2017 by Webroot, with other strains such as Cerber, CrySis and Nemucod also making the list.

ITPro:
