Petya-NotPetyaIn 2016 and 2017 the world was hit hit by cyber attacks from the Petya and NotPetya ransomware but whilst the two attacks appear similar there is a significant difference between the intentions or motives of the two attacks.

The original Petya attack in 2016 was a true ransomware attack insofar as the programme was an encryption malware that infected the master boot system of Windows based systems causing the system to encrypt the data in the hard drives file system and preventing windows from booting. The users system then demanded payment via Bitcoin and  in return the file user would be provided with the decryption keys and the user’s system could be restored, at  least in theory and many did have success with the decryption of files.

This ransomware was clearly an attempt by criminals to achieve financial gain from cyber ransom.

The main difference with the Not Petya ransomware is that whilst attacking the users system in fundamentally same way the malware left the user with no opportunity to actually enter decryption keys and restore the system. One has to assume that this was a deliberate ploy insofar as any large scale extortion would be impossible as the news broke very quickly that restoration of the system was not possible on machines infected with NotPetya.

onsequently this particular malware can only been seen as cyber vandalism causing loss, damage and inconvenience purely for it’s own sake.

0161 300 2930 Blackfriars Group