Petya Ransomware: Who Is Behind the Massive Attack?
A massive cyber-attack called Petya has crippled many organizations in the United States and Europe on Tuesday, June 27. However, who is behind it?
Similar to the WannaCry attack last May, the Petya ransomware attack targeted computers running the Microsoft Windows operating system by encrypting files on their PC and demanding $300 worth of the Bitcoin cryptocurrency in order to unlock them.
Researchers at Russia's Kaspersky Lab said at least 2,000 targets were affected, mostly in Ukraine and Russia. There are also attacks registered in a few different countries, including the United Kingdom, Germany, and China.
Even though it has already hit many companies, including the Danish shipping and oil group Maersk and the British advertising agency WPP, Petya has so far made roughly $20,000 less than how much the WannaCry attack had.
Researching the attack, NATO said it was likely launched by a state actor or by a non-state actor with support and approval from a state since the operation was extremely complex and expensive.
"The operation was not too complex, but still complex and expensive enough to have been prepared and executed by unaffiliated hackers for the sake of practice," NATO's Cooperative Cyber Defense Centre of Excellence (CCD COE) said in a press release on Friday, June 30. "Cyber criminals are not behind this either, as the method for collecting the ransom was so poorly designed that the ransom would probably not even cover the cost of the operation," it went on to say.
The implications of this mean that the cyber attack could be interpreted as an act of war. NATO Secretary General Jens Stoltenberg said a cyber-attack could trigger Article 5, which is the principle of collective defense.
"As important government systems have been targeted, then in case the operation is attributed to a state this could count as a violation of sovereignty," Tomáš Minárik, a researcher at NATO's CCD COE law branch, said, adding, "Consequently, this could be an internationally wrongful act, which might give the targeted states several options to respond with countermeasures."