NotPetya and not just Petya: NSA, the US National Security Agency, started using a hacking tool called EternalBlue five years ago. During this period, the service violated networks, using a flaw that it should have immediately revealed to Microsoft.
The NSA finally revealed the vulnerability to Microsoft earlier this year, but only after the exploits were stolen and then made available online. Microsoft immediately released a "critical" patch (in March), and WannaCry was released in May. A ransomware that used EternalBlue to infiltrate Windows computers. This malware has infected more than 230.000 computers in more than 150 countries.
Yesterday we met NotPetya.
NotPetya is similar to Petya ransomware, but belongs to a classification of its own, according to security researchers. They both used EternalBlue exploit, but their similarities do not end there.
NotPetya is a completely new form of ransomware used since yesterday to invade Chernobyl radiation detection system, the Kiev metro, banks and at least one US hospital.
OR Kaspersky claims that at least 2.000 businesses and institutions around the world have been affected in the last 24 hours.
— Kaspersky (@kaspersky) June 27, 2017
And WannaCry, it was disastrous, but it was an impossible tool full of bugs created by amateurs.
NotPetya, according to experts, is not an amateur tool.
"It's great. "It's really big," former NSA analyst David Kennedy told Forbes.
Unlike WannaCry, which contained a Switch kill so you could turn it off remotely. The new ransomware does not have something similar.
The bad news is that it can infect any version of Windows, including Windows 10. It can infect even patched systems if there is an unpatched PC on the network.
The failure of the NSA and the CIA to hold the tools in their hands taught a very good lesson to all those who criticized Snowden. Snowden had warned that this could happen.
Gathering information from services can cause damage globally.
Let's not forget that NotPetya has just started….