Weeks after the deadly WannaCry ransomware attack crippled hundreds of thousands of computers in more than 150 countries across the globe, another attack dubbed Petya has just hit Europe, with Ukraine emerging as the worst hit nation in the region.
Even though the haze of this attack is clearing, it is now emerging that this Petya attack is more than a typical ransomware attack that many would like to believe it is. Apparently, more than 60% of the systems that suffered from this latest attack were based in Ukraine, with the hack affecting some of the most sensitive organizations in the European country, including the Central Bank, metro transport, airport and even the renowned Chernobyl power plant.
While many have been led to believe that the attackers behind Petya were after money, it is now emerging that this wasn’t the primary motive of this attack. Usually, ransomware attacks work under the radar while at the same time collecting payouts from affected parties who are after recovering their encrypted data. Once these payouts are made, the attackers end up decrypting the systems and handing back the companies access to their data, but this is not the case for Petya.
Apparently, Petya has been unable to decrypt the hacked systems once payouts are made. In addition, the hackers were using a weird payout system that only used a single email address, which was shut down once reports of the attack broke out. As for the Bitcoin wallet, not so much has been collected as at the time of this writing, where a total of just $10,075 has been realized. When compared to typical ransomware attacks, for instance, WannaCry, this is a relatively small amount of money.
With this in mind, experts from different angles are now posing different questions – questions that are leading to conclusions that Petya is more than a typical ransomware attack and in fact, it’s possible that this is a cyberattack disguised as a ransomware attack. The huge damage that the attack has caused Ukraine adds more weight to this notion, where experts argue that it’s possible the attackers are specifically aiming this European country.
The Petya attack is easily moving within networks and while the initial attacks were kind of limited, it appeared that all of them were specific to Ukraine. In each case, the attack was targeting high-profile institutions in the country as opposed to typical ransomware attacks that target random cases as long as the targeted can make payouts as needed. Interestingly, it appeared as if the attackers had full control over where Petya was hitting and thus they chose to plant it in the said high-profile Ukrainian institutions, something that it not typical of ransomware attacks.
Some are not getting off Russia as the prime suspect in this saga, something that is not happening for the first time. In fact, it is believed that this Petya attack has something to do with the killing of a Ukrainian colonel in a car bomb in Kiev, which took place on the same day that the cyberattack broke loose. However, there’s nothing substantial to back these claims, at least for now.