The Untold Story of NotPetya, the Most Devastating Cyberattack in History | WIRED
webCredibility Rating
3/5
Good(3)Good quality. Reputable source with community review or editorial standards, but less rigorous than peer-reviewed venues.
Rating inherited from publication venue: WIRED
This investigative piece documents the NotPetya cyberattack of 2017, a state-sponsored Russian cyberweapon that caused ~$10B in global damage. It illustrates catastrophic risks from offensive cyber capabilities, systemic infrastructure vulnerabilities, and how AI-enabled or state-sponsored cyberattacks could cause civilizational-scale disruption.
Metadata
Importance: 62/100news articlenews
Summary
This WIRED longform investigation details the 2017 NotPetya cyberattack, a Russian state-sponsored malware disguised as ransomware that devastated global infrastructure including Maersk, Merck, and FedEx. The attack originated in Ukraine and spread globally, causing an estimated $10 billion in damages. It serves as a landmark case study in how offensive cyber capabilities can produce catastrophic, uncontrolled global consequences.
Key Points
- •NotPetya was a destructive wiper disguised as ransomware, deployed by Russian military intelligence (GRU) targeting Ukraine but spreading globally.
- •Maersk, the world's largest shipping company, lost nearly all its IT infrastructure—45,000 PCs and 4,000 servers—requiring a complete rebuild in 10 days.
- •Total global damages exceeded $10 billion, making it the most costly cyberattack in history at the time.
- •The attack exploited the EternalBlue NSA exploit leaked by Shadow Brokers, highlighting risks of offensive cyber tool proliferation.
- •The incident demonstrates how interconnected global systems create cascading failure risks from a single cyberweapon deployment.
Cited by 1 page
| Page | Type | Quality |
|---|---|---|
| AI Cyber Damage: Bounding the Tail | Analysis | -- |
2 FactBase facts citing this source
| Entity | Property | Value | As Of |
|---|---|---|---|
| NotPetya (2017) | Incident Date | Jun 2017 | Jun 2017 |
| NotPetya (2017) | Financial Impact | $10B | Aug 2018 |
Cached Content Preview
HTTP 200Fetched May 4, 202642 KB
Save Story Save this story Save Story Save this story It was a perfect sunny summer afternoon in Copenhagen when the world’s largest shipping conglomerate began to lose its mind.
The headquarters of A.P. Møller-Maersk sits beside the breezy, cobblestoned esplanade of Copenhagen’s harbor. A ship’s mast carrying the Danish flag is planted by the building’s northeastern corner, and six stories of blue-tinted windows look out over the water, facing a dock where the Danish royal family parks its yacht. In the building’s basement, employees can browse a corporate gift shop, stocked with Maersk-branded bags and ties, and even a rare Lego model of the company’s gargantuan Triple-E container ship, a vessel roughly as large as the Empire State Building laid on its side, capable of carrying another Empire State Building–sized load of cargo stacked on top of it.
That gift shop also houses a technology help center, a single desk manned by IT troubleshooters next to the shop’s cashier. And on the afternoon of June 27, 2017, confused Maersk staffers began to gather at that help desk in twos and threes, almost all of them carrying laptops. On the machines’ screens were messages in red and black lettering. Some read “repairing file system on C:” with a stark warning not to turn off the computer. Others, more surreally, read “oops, your important files are encrypted” and demanded a payment of $300 worth of bitcoin to decrypt them.
September 2018. Subscribe to WIRED .
Mike McQuade Across the street, an IT administrator named Henrik Jensen was working in another part of the Maersk compound, an ornate white-stone building that in previous centuries had served as the royal archive of maritime maps and charts. (Henrik Jensen is not his real name. Like almost every Maersk employee, customer, or partner I interviewed, Jensen feared the consequences of speaking publicly for this story.) Jensen was busy preparing a software update for Maersk’s nearly 80,000 employees when his computer spontaneously restarted.
He quietly swore under his breath. Jensen assumed the unplanned reboot was a typically brusque move by Maersk’s central IT department, a little-loved entity in England that oversaw most of the corporate empire, whose eight business units ranged from ports to logistics to oil drilling, in 574 offices in 130 countries around the globe.
Jensen looked up to ask if anyone else in his open-plan office of IT staffers had been so rudely interrupted. And as he craned his head, he watched every other computer screen around the room blink out in rapid succession.
“I saw a wave of screens turning black. Black, black, black. Black black black black black ,” he says. The PCs, Jensen and his neighbors quickly discovered, were irreversibly locked. Restarting only returned them to the same black screen.
All across Maersk headquarters, the full scale of the crisis was starting to become clear. Within half an hour, Maersk employees were running down hallways, yelling to
... (truncated, 42 KB total)Resource ID:
e440b4ac304165e0 | Stable ID: sid_iaEht0M5Kg