Researchers now believe Tuesday’s NotPetya attack may have had a totally different purpose than expected. Originally thought to be a ransomware attack intended to extort victims for payment, researchers now suspect it was more sinister.
It appears the attack was instead designed to destroy information with no intention to return any encrypted data. According to Kaspersky Labs, NotPetya is a wiper, a form of malware solely intended to delete data. Even if victims paid the ransom, they didn’t get their data back. As they point out, similar versions of ransomware typically display a personal infection ID in the ransom note, which is crucial to recovering the data. In this case, the malware was generated using a random string of data unrelated to the key, making it impossible to recover data.
Regardless of the malware’s intention, it’s still important to know how to avoid falling victim to an attack. Luckily, Datto Tech Evangelist, Henry Washburn, recently provided a detailed outline to get operations back up and running in the event of a malware attack.