NotPetya Attack Cost up to $300m
Transport and shipping giant A.P Moller-Maersk is one of many companies counting the cost of NotPetya – the destructive cyber attack that took place in the second quarter of 2017.
The NotPetya attack targeted mainly organisations in Ukraine, including the central bank, the Ukrengo electricity supplier, the Chernobyl nuclear power plant and airport and metro services throughout the country.
The malware was distributed through a Ukrainian accounting software called MeDoc used for filing tax returns in Ukraine. The MeDoc software contained backdoors into the networks of users of the software, which were used by the malware to enter via the software’s automatic update system.
Companies outside the UK were also impacted, including UK advertising firm WPP, US-based pharmaceutical company Merck, multinational law firm DLA Piper and French construction materials company, Saint-Gobain.
Maersk is believed to be the hardest hit, with a number of IT systems forced to shut down across multiple sites and selected business units. Email systems were also impacted.
The financial impact of the attack is estimated at $200m to $300m, according to the company’s interim financial report for the second quarter of 2017.
The financial report said: “Information security has a high business priority at A.P. Moller–Maersk. This cyber attack was a previously unseen type of malware, and updates and patches applied to both the Windows systems and antivirus were not an effective protection in this case”.
NotPetya was characterised by its use of two NSA-developed exploits – EternalBlue and EternalRomance, which were leaked by the Shadow Brokers hacking group.Return to internet news headlines
View Internet News Archive