Petya Ransomware: Ukrainian Authorities Confiscate Servers Belonging to Patient Zero
Police have confiscated the servers of M.E. Doc, a small tax software company tagged as patient zero of the recent Petya ransomware epidemic.
According to The Associated Press, "new activity" was discovered at the company and Ukraine's national cybercrime unit sought action by seizing its servers. According to Cyberpolice spokeswoman Yulia Kvitko, no arrests have been made against M.E. Doc, though Cyberpolice chief Col. Serhiy Demydiuk previously said that the company would answer for its crimes.
"They knew about it," Demydiuk told the publication. "They were told many times by various anti-virus firms. ... For this neglect, the people in this case will face criminal responsibility."
The Petya ransomware spread like wildfire last week after beginning in Ukraine. Several companies - including Danish shipping company Maersk, American pharmaceutical business Merck and an Australian factory belonging to British chocolate company Cadbury - were affected. Automated teller machines also stopped functioning.
This is not the first time a cyberattack like this has taken place. Earlier this year, the WannaCry malware also severely incapacitated a number of companies around the world. Both cyberattacks utilized hacking tools from the National Security Agency, though they have yet to admit that the tools came from them.
"The N.S.A. needs to take a leadership role in working closely with security and operating system platform vendors such as Apple and Microsoft to address the plague that they've unleashed," IDT global chief information officer Golan Ben-Oni said (via The New York Times).
The Petya ransomware attack has resulted in monumental costs for some companies and organizations, though an exact or estimated amount has yet to be revealed. Infrastructure Minister Volodymyr Omelyan, however, communicated to the Associated Press that the outbreak resulted in costs going up to the "millions."
Microsoft previously released a patch for the vulnerability spotted in its system, but not everyone was able to correctly install the update and fix the issue.