In June 2017, nation-state hackers utilised a widely-used accounting software as a stepping stone to infect dozens of companies around the world. Its devastating impact paralysed shipping company Maersk, pharmaceutical company Merck, and French construction company Saint-Gobain.
At Maersk, a finance executive in Ukraine had asked an IT administrator to install the accounting software on a single computer in an office in Odessa, a port city on Ukraine’s Black Sea coast. That gave the malware the foothold it needed to spread beyond Ukraine, disabling ports and shipping operations at Maersk globally. IT engineers worked tirelessly to recover servers, systems, data and applications.
According to a White House assessment, the attack caused more than $10 billion of global damages.
In the full article published on Wired.com, journalist Andy Greenberg writes: “Almost everyone who studied NotPetya agrees on one point: that it could happen again or even reoccur on a larger scale.”
NotPetya has proven to the world that distance is no defence in cyberspace. With geopolitical tensions rising, this captivating story of NotPetya is a stark reminder of the ripple effects a nation-state attack has on companies.
Why does this matter for businesses?
- NotPetya is a story of nation-state cyber weapons, geopolitical tensions, and unsuspecting companies caught in the crossfire, suffering collateral damage.
- The story of NotPetya could be instructive for the current geopolitical tension between Ukraine and Russia.
- NotPetya highlights the need not only for cybersecurity protection within enterprises and across their supply chains. It also highlights the need for resilience.