In June 2017, the world was hit with NotPetya, the most vicious cyberweapon yet.
“To date, it was simply the fastest-propagating piece of malware we’ve ever seen,” said Craig Williams, director of outreach at Cisco’s Talos division, one of the first security companies to reverse engineer and analyze NotPetya, to Wired. “By the second you saw it, your data center was already gone.”
For the last year, I’ve been reporting out what it felt like to be inside a company hit by NotPetya, the unprecedented $10 billion cyberattack. The result is this WIRED cover story: how Russian malware took down Maersk, the world’s largest shipping firm. https://t.co/0XW6TMEW9I
— Andy Greenberg (@a_greenberg) August 22, 2018
It was propelled by two powerful hacker exploits working in tandem, explains Wired: EternalBlue, a penetration tool created by the U.S. National Security Agency but leaked during a disastrous breach in 2017. It takes advantage of vulnerabilities and allows hackers free rein to remotely run their own code on any unpatched machine. EternalBlue was combined with an older invention known as Mimikatz, which could pull passwords out of RAM and use them to hack into other machines accessible with the same credentials.
In 2017, the malware NotPetya spread from the servers of a Ukrainian software firm to some of the largest businesses worldwide. The worm crippled ports, paralyzed corporations, and froze government agencies. Here’s a breakdown of the approximate damages 1/ https://t.co/SHFLblcvcC pic.twitter.com/0QT0wRqTgr
— WIRED (@WIRED) August 22, 2018
The release of NotPetya cost more than $10 billion in total damages. In the year since the attack, Wired has looked into the experience of one corporate giant, Maersk, who was brought to its knees by Russia’s worm.
Thanks for reading InsideHook. Sign up for our daily newsletter and be in the know.