请输入您要查询的百科知识:

 

词条 Petya (malware)
释义

  1. History

  2. 2017 cyberattack

  3. Operation

  4. Mitigation

  5. Impact

  6. Reaction

  7. See also

  8. References

  9. Further reading

{{Infobox computer virus
| fullname = Petya
| image = File: 2017 Petya cyberattack screenshot.jpg
| caption = ASCII art of a skull and crossbones is displayed as part of the payload on the original version of Petya.[1]
| common_name =
| aliases = GoldenEye
NotPetya
| family =
| classification = Trojan horse
| type = Ransomware
| subtype = Cryptovirus
| isolation_date =
| origin =
| author =
| ports_used =
| OS = Windows
| filesize =
| language =
}}

Petya is a family of encrypting ransomware that was first discovered in 2016[1]. The malware targets Microsoft Windows-based systems, infecting the master boot record to execute a payload that encrypts a hard drive's file system table and prevents Windows from booting. It subsequently demands that the user make a payment in Bitcoin in order to regain access to the system.

Variants of Petya were first seen in March 2016, which propagated via infected e-mail attachments. In June 2017, a new variant of Petya was used for a global cyberattack, primarily targeting Ukraine. The new variant propagates via the EternalBlue exploit, which is generally believed to have been developed by the U.S. National Security Agency (NSA), and was used earlier in the year by the WannaCry ransomware. Kaspersky Lab referred to this new version as NotPetya to distinguish it from the 2016 variants, due to these differences in operation. In addition, although it purports to be ransomware, this variant was modified so that it is unable to actually revert its own changes.

History

Petya was discovered in March 2016;[3] Check Point noted that while it had achieved fewer infections than other ransomware active in early 2016, such as CryptoWall, it contained notable differences in operation that caused it to be "immediately flagged as the next step in ransomware evolution".[2] Another variant of Petya discovered in May 2016 contained a secondary payload used if the malware cannot achieve administrator-level access.[3]

The name "Petya" is a reference to the 1995 James Bond film GoldenEye, wherein Petya is one of the two Soviet weapon satellites which carry a "Goldeneye" – an atomic bomb detonated in low Earth orbit to produce an electromagnetic pulse. A Twitter account that Heise suggested may have belonged to the author of the malware, named "Janus Cybercrime Solutions" after Alec Trevelyan's crime group in GoldenEye, had an avatar with an image of GoldenEye character Boris Grishenko, a Russian hacker and antagonist in the film played by Scottish actor Alan Cumming.[4]

On 30 August 2018, a regional court in Nikopol in the Dnipropetrovsk Oblast of Ukraine convicted an unnamed Ukrainian citizen to one year in prison after pleading guilty to having spread a version of Petya online.[5][6][7]

2017 cyberattack

{{main|2017 cyberattacks on Ukraine}}

On 27 June 2017, a major global cyberattack began (Ukrainian companies were among the first to state they were being attacked[10]), utilizing a new variant of Petya. On that day, Kaspersky Lab reported infections in France, Germany, Italy, Poland, the United Kingdom, and the United States, but that the majority of infections targeted Russia and Ukraine, where more than 80 companies were initially attacked, including the National Bank of Ukraine.[10][12] ESET estimated on 28 June 2017 that 80% of all infections were in Ukraine, with Germany second hardest hit with about 9%.[8] Russian president Vladimir Putin's press secretary, Dmitry Peskov, stated that the attack had caused no serious damage in Russia.[8] Experts believed this was a politically-motivated attack against Ukraine, since it occurred on the eve of the Ukrainian holiday Constitution Day.[9][10]

Kaspersky dubbed this variant "NotPetya", as it has major differences in its operations in comparison to earlier variants.[10] McAfee engineer Christiaan Beek stated that this variant was designed to spread quickly, and that it had been targeting "complete energy companies, the power grid, bus stations, gas stations, the airport, and banks".[11][12]

It was believed that the software update mechanism of {{ill|M.E.Doc|uk}} — a Ukrainian tax preparation program that, according to F-Secure analyst Mikko Hyppönen, "appears to be de facto" among companies doing business in the country—had been compromised to spread the malware.[8][13][14] Analysis by ESET found that a backdoor had been present in the update system for at least six weeks prior to the attack, describing it as a "thoroughly well-planned and well-executed operation".[23] The developers of M.E.Doc denied that they were entirely responsible for the cyberattack, stating that they too were victims.[13][15][16][27]

On July 4, 2017, Ukraine's cybercrime unit seized the company's servers after detecting "new activity" that it believed would result in "uncontrolled proliferation" of malware. Ukraine police advised M.E.Doc users to stop using the software, as it presumed that the backdoor was still present.[17][18] Analysis of the seized servers showed that software updates had not been applied since 2013, there was evidence of Russian presence, and an employee's account on the servers had been compromised; the head of the units warned that M.E.Doc could be found criminally responsible for enabling the attack because of its negligence in maintaining the security of their servers.[19][20][17]

Operation

Petya's payload infects the computer's master boot record (MBR), overwrites the Windows bootloader, and triggers a restart. Upon startup, the payload encrypts the Master File Table of the NTFS file system, and then displays the ransom message demanding a payment made in Bitcoin.[21][3][22] Meanwhile, the computer's screen displayes text purportedly output by chkdsk, Windows' file system scanner, suggesting that the hard drive's sectors are being repaired.[2]

The original payload required the user to grant it administrative privileges; one variant of Petya was bundled with a second payload, Mischa, which activated if Petya failed to install. Mischa is a more conventional ransomware payload that encrypts user documents, as well as executable files, and does not require administrative privileges to execute.[3] The earlier versions of Petya disguised its payload as a PDF file, attached to an e-mail.[3] United States Computer Emergency Response Team (US-CERT) and National Cybersecurity and Communications Integration Center (NCCIC) released Malware Initial Findings Report (MIFR) about Petya on 30 June 2017.[23]

The "NotPetya" variant used in the 2017 attack uses EternalBlue, an exploit that takes advantage of a vulnerability in Windows' Server Message Block (SMB) protocol. EternalBlue is generally believed to have been developed by the U.S. National Security Agency (NSA);[22] it was leaked in April 2017 and was also used by WannaCry.[24][22] The malware harvests passwords and uses other techniques to spread to other computers on the same network, and uses those passwords in conjunction with PSExec to run code on other local computers.[25][26][45] Additionally, although it still purports to be ransomware, the encryption routine was modified so that the malware could not technically revert its changes.[27] This characteristic, along with other unusual signs in comparison to WannaCry (including the relatively low unlock fee of US$300, and using a single, fixed Bitcoin wallet to collect ransom payments rather than generating a unique ID for each specific infection for tracking purposes),[28] prompted researchers to speculate that this attack was not intended to be a profit-generating venture, but to damage devices quickly, and ride off the media attention WannaCry received by claiming to be ransomware.[29][30]

Mitigation

{{See also|Ransomware#Mitigation|Infection control|Disaster recovery|Emergency management|Proactive cyber defence}}

It was found that it may be possible to stop the encryption process if an infected computer is immediately shut down when the fictitious chkdsk screen appears,[31] and a security analyst proposed that creating read-only files named perf.c and/or perfc.dat in the Windows installation directory could prevent the payload of the current strain from executing.[32][33][34][35] The email address listed on the ransom screen was suspended by its provider, Posteo, for being a violation of its terms of use. As a result, infected users could not actually send the required payment confirmation to the perpetrator.[28][36]

Microsoft had already released patches for supported versions of Windows in March 2017 to address the EternalBlue vulnerability. This was followed by patches for unsupported versions of Windows (such as Windows XP) in May 2017, in the direct wake of WannaCry.[37][38] Wired believed that "based on the extent of damage Petya has caused so far, though, it appears that many companies have put off patching, despite the clear and potentially devastating threat of a similar ransomware spread."[39] Some enterprises may consider it too disruptive to install updates on certain systems, either due to possible downtime or compatibility concerns, which can be problematic in some environments.[37]

Impact

In a report published by Wired, a White House assessment pegged the total damages brought about by NotPetya to more than $10 billion. This was confirmed by former Homeland Security adviser Tom Bossert, who at the time of the attack was the most senior cybersecurity focused official in the US government.[40]

During the attack initiated on 27 June 2017, the radiation monitoring system at Ukraine's Chernobyl Nuclear Power Plant went offline.[41] Several Ukrainian ministries, banks and metro systems were also affected.[63] It is said to have been the most destructive cyberattack ever.[42]

Among those affected elsewhere included British advertising company WPP,[63] Maersk Line,[43] American pharmaceutical company Merck & Co., Russian oil company Rosneft (its oil production was unaffected[44]), multinational law firm DLA Piper,[45] French construction company Saint-Gobain and its retail and subsidiary outlets in Estonia,[46] British consumer goods company Reckitt Benckiser,[47] German personal care company Beiersdorf, German logistics company DHL,[48] United States food company Mondelez International, and American hospital operator Heritage Valley Health System.[11][49] The Cadbury's Chocolate Factory in Hobart, Tasmania, is the first company in Australia to be affected by Petya.[50] On 28 June 2017, JNPT, India's largest container port, had reportedly been affected, with all operations coming to a standstill.[51] Princeton Community Hospital in rural West Virginia will scrap and replace its entire computer network on its path to recovery.[52]

The business interruption to Maersk, the world's largest container ship and supply vessel operator, was estimated between $200 and $300m in lost revenues.[53]

Jens Stoltenberg, NATO Secretary-General, pressed the alliance to strengthen its cyber defenses, saying that a cyberattack could trigger the Article 5 principle of collective defense.[54][55]

Mondelez International's insurance carrier, Zurich American Insurance Company, has refused to pay out a claim for cleaning up damage from a Notpetya infection, on the grounds that Notpetya is an "act of war" that is not covered by the policy. Mondelez is suing Zurich American for $100 million.[56]

Reaction

Europol said it was aware of and urgently responding to reports of a cyber attack in member states of the European Union.[57] The United States Department of Homeland Security was involved and coordinating with its international and local partners.[43] In a letter to the NSA,[58] Democratic Congressman Ted Lieu asked the agency to collaborate more actively with technology companies to notify them of software vulnerabilities and help them prevent future attacks based on malware created by the NSA.[59][60]

On 15 February 2018, the Trump administration blamed Russia for the attack and warned that there would be "international consequences".[61] The United Kingdom and the Australian government also issued similar statements.[62]

See also

  • Wiper (malware)

References

1. ^{{Cite news |last1=Greenberg |first1=Andy |title=The Untold Story of NotPetya, the Most Devastating Cyberattack in History |work=Wired |date=2018-08-22 |url=https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world |accessdate=2018-08-27}}
2. ^{{Cite web |url=http://blog.checkpoint.com/2016/04/11/decrypting-the-petya-ransomware/|title= Decrypting the Petya Ransomware |date= 2016-04-11 |website= Check Point Blog |access-date=2017-06-27}}
3. ^{{Cite news |url=http://www.networkworld.com/article/3069990/petya-ransomware-is-now-double-the-trouble.html|title= Petya ransomware is now double the trouble|last=Constantin |first= Lucian |work=NetworkWorld|access-date= 2017-06-27}}
4. ^{{cite web|url=https://www.heise.de/newsticker/meldung/Petya-Mischa-Goldeneye-Die-Erpresser-sind-Nerds-3571937.html|author=Scherschel, Fabian A. |title=Petya, Mischa, Goldeneye: Die Erpresser sind Nerds |publisher=Heise Online|date=2016-12-15|accessdate=2017-07-03|quote=Die Virenschreiber hinter diesen Erpressungstrojanern scheinen große Fans des Films zu sein. Wahrscheinlich sind sie in den Neunzigern aufgewachsen und identifizieren sich mit Boris Grishenko, dem russischen Hacker-Genie aus dem Film. Ob ein Twitter-Konto, welches genau auf dieses Profil passt, ein Bild von Boris Grishenko als Avatar nutzt und nach dem Verbrechersyndikat aus dem Film benannt ist, von den Drahtziehern betrieben wird, konnten wir nicht bestätigen. Aber es ist immerhin denkbar.}}
5. ^{{cite web |title=На Дніпропетровщині викрили чоловіка, який розповсюджував вірус «Petya.A» |author=Valery Iliyeva |work=Dniprograd |date=August 7, 2017 |url=http://dniprograd.org/2017/08/07/na-dnipropetrovshchini-vikrili-cholovika-yakiy-rozpovsyudzhuvav-virus-petyaa_59243 }}
6. ^{{cite web |title=Регіональний "координатор" вірусу РЕТYА на Дніпропетровщині отримав один рік тюрми |author= Ivan Muracha |work=Dniprograd |date=September 3, 2018 |url=http://dniprograd.org/2018/09/03/regionalniy-koordinator-virusu-retya-na-dnipropetrovshchini-otrimav-odin-rik-tyurmi_70920 }}
7. ^{{Cite web |title= Оголошено вирок у справі за фактами масштабних кібератак вірусу "PETYA" |date=August 31, 2018 |publisher=Judiciary of Ukraine |url=https://court.gov.ua/archive/546734/ |archive-url=https://archive.is/XRoHJ |archive-date=September 7, 2018}}
8. ^{{Cite news |url=https://www.bbc.com/news/technology-40428967|title= Tax software blamed for cyber-attack spread |date=28 June 2017 |work= BBC Newsv|access-date= 28 June 2017}}
9. ^{{Cite web | url = https://mobile.nytimes.com/2017/06/27/technology/ransomware-hackers.html | title = Cyberattack Hits Ukraine Then Spreads Internationally | date = 27 June 2017 | accessdate = 28 June 2017 | work = The New York Times}}
10. ^{{Cite news |url=https://www.bbc.com/news/technology-40427907|title= 'Vaccine' created for huge cyber-attack |last= Lee|first= David|date= 28 June 2017 |work=BBC News|access-date=28 June 2017}}
11. ^{{Cite news |url=https://www.bbc.com/news/technology-40416611|title= Global ransomware attack causes chaos |date=27 June 2017 |work= BBC News|access-date=27 June 2017}}
12. ^{{Cite news |url=https://www.wired.co.uk/article/petya-malware-ransomware-attack-outbreak-june-2017|title= There's another 'worldwide' ransomware attack and it's spreading quickly |last= Burgess |first=Matt| publisher =Wired UK |access-date= 2017-06-27}}
13. ^{{Cite news |url=https://www.bloomberg.com/news/articles/2017-06-28/microsoft-analysts-see-hack-origin-at-ukrainian-software-firm|title= Microsoft, Analysts See Hack Origin at Ukrainian Software Firm |date= 2017-06-28 | publisher = Bloomberg |access-date=2017-07-01}}
14. ^{{cite news |url=https://www.reuters.com/article/us-cyber-attack-ukraine-software-idUSKBN19O2DK |title=Family firm in Ukraine says it was not responsible for cyber attack |author=Jack Stubbs, Pavel Polityuk |publisher=Reuters |date=3 July 2017 |accessdate=5 July 2017}}
15. ^{{Cite news |url=https://arstechnica.com/security/2017/06/a-new-ransomware-outbreak-similar-to-wcry-is-shutting-down-computers-worldwide/|title= A new ransomware outbreak similar to WCry is shutting down computers worldwide|work=Ars Technica |access-date= 2017-07-01}}
16. ^{{Cite web | url = https://www.nytimes.com/2017/06/27/technology/global-ransomware-hack-what-we-know-and-dont-know.html | title = Global Ransomware Attack: What We Know and Don’t Know | first= Sheera | last= Frenkel | date = 27 June 2017 | accessdate = 28 June 2017 | work = The New York Times}}
17. ^{{Cite news|url=https://www.theguardian.com/technology/2017/jul/05/notpetya-ransomware-hackers-ukraine-bitcoin-ransom-wallet-motives|title=Hackers who targeted Ukraine clean out bitcoin ransom wallet|last=Hern|first=Alex|date=2017-07-05|work=The Guardian|access-date=2017-07-10|language=en-GB|issn=0261-3077}}
18. ^{{Cite news|url=https://arstechnica.com/security/2017/07/heavily-armed-police-raid-company-that-seeded-last-weeks-notpetya-outbreak/|title=Backdoor built in to widely used tax app seeded last week’s NotPetya outbreak|work=Ars Technica|access-date=2017-07-10|language=en-us}}
19. ^{{cite news |url=https://www.reuters.com/article/us-cyber-attack-ukraine-backdoor-idUSKBN19Q14P |title=Ukraine scrambles to contain new cyber threat after 'NotPetya' attack |author=Jack Stubbs, Matthias Williams |publisher=Reuters |date=5 July 2017 |accessdate=7 July 2017}}
20. ^{{Cite news|url=http://www.abc.net.au/news/2017-07-03/cyber-attack-charge-ukarine/8675006|title=Ukrainian software company will face charges over cyber attack, police suggest|date=2017-07-03|agency=AP|access-date=2017-07-10|language=en-AU}}
21. ^{{Cite web|url=https://blog.kaspersky.com/new-ransomware-epidemics/17314/|title=New ransomware outbreak|website=Kaspersky Blog|publisher=Kaspersky Lab|access-date=2017-06-27}}
22. ^{{Cite web|url=https://www.theverge.com/2017/6/27/15879480/petrwrap-virus-ukraine-ransomware-attack-europe-wannacry|title=A new ransomware attack is hitting airlines, banks and utilities across Europe|last=Brandom|first=Russell|date=2017-06-27|website=The Verge|access-date=2017-06-27}}
23. ^{{Cite web|url=https://www.us-cert.gov/sites/default/files/publications/MIFR-10130295.pdf|title=MIFR-10130295|date=2017-06-30|website=United States Computer Emergency Response Team|access-date=2017-07-22}}
24. ^{{cite web |title=NSA-leaking Shadow Brokers just dumped its most damaging release yet |url=https://arstechnica.com/security/2017/04/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet/ |last1=Goddin |first1=Dan |work=Ars Technica |pages=1 |date=14 April 2017|access-date=13 May 2017}}
25. ^{{cite web|title=India worst hit by Petya in APAC, 7th globally: Symantec|url=http://economictimes.indiatimes.com/tech/internet/india-worst-hit-by-petya-in-apac-7th-globally-symantec/articleshow/59367013.cms|publisher=The Economic Times|accessdate=29 June 2017|date=29 June 2017}}
26. ^{{cite web|title=Petya Ransomware Outbreak Originated in Ukraine via Tainted Accounting Software|url=https://www.bleepingcomputer.com/news/security/petya-ransomware-outbreak-originated-in-ukraine-via-tainted-accounting-software/|publisher=BleepingComputer|accessdate=29 June 2017|language=en-us}}
27. ^{{Cite news|url=https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b|title=Petya.2017 is a wiper not a ransomware – Comae Technologies|date=2017-06-28|work=Comae Technologies|access-date=2017-06-29}}
28. ^{{Cite web|url=https://www.theverge.com/2017/6/27/15881110/petya-notpetya-paying-ransom-email-blocked-ransomware|title=It’s already too late for today’s ransomware victims to pay up and save their computers|last=Brandom|first=Russell|date=2017-06-27|website=The Verge|access-date=2017-06-28}}
29. ^{{Cite web|url=https://arstechnica.com/security/2017/06/petya-outbreak-was-a-chaos-sowing-wiper-not-profit-seeking-ransomware/|title=Tuesday’s massive ransomware outbreak was, in fact, something much worse|work=Ars Technica|access-date=2017-06-28|language=en-us}}
30. ^{{Cite news|url=https://www.bbc.com/news/technology-40442578|title=Cyber-attack was about data and not money, say experts|last=|first=|date=29 June 2017|work=BBC News|access-date=29 June 2017|archive-url=|archive-date=|dead-url=|language=en-GB}}
31. ^{{cite web|last1=Solon |first1= Olivia |last2=Hern|first2=Alex|title= 'Petya' ransomware attack: what is it and how can it be stopped? |url=https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-attack-who-what-why-how|work= The Guardian|accessdate=29 June 2017 |date= 28 June 2017}}
32. ^{{Cite news |url=https://www.bleepingcomputer.com/news/security/vaccine-not-killswitch-found-for-petya-notpetya-ransomware-outbreak/|title= Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak|last=Cimpanu |first= Catalin|work=Bleeping Computer}}
33. ^{{cite web|last = Rogers|first = James |title= Petya ransomware: Experts tout 'vaccine' to protect computers from crippling cyber attack |url=http://www.foxnews.com/tech/2017/06/28/petya-ransomware-experts-tout-vaccine-to-protect-computers-from-crippling-cyber-attack.html| work =Fox News |accessdate= 29 June 2017|date=28 June 2017}}
34. ^{{cite web|title=Security researcher creates 'vaccine' against ransomware attack |url=https://www.telegraph.co.uk/technology/2017/06/28/security-researcher-creates-vaccine-against-ransomware-attack/| work =The Telegraph|accessdate=29 June 2017}}
35. ^{{cite web|last =Lee|first =Dave |title= 'Vaccine' created for huge cyber-attack |url=https://www.bbc.co.uk/news/technology-40427907| work = BBC News |accessdate=29 June 2017|date=28 June 2017}}
36. ^{{cite web|author1=Mikko Hypponen|title=Victims keep sending money to Petya|url=https://twitter.com/mikko/status/880036070267772929?lang=en|website=Twitter|quote=No way to contact the attackers, as their email address was killed.}}
37. ^{{Cite news |url=http://www.zdnet.com/article/six-quick-facts-june-global-ransomware-cyberattack/|title= Six quick facts to know about today's global ransomware attack |last= Whittaker |first=Zack|work=ZDNet |access-date= 2017-06-29}}
38. ^{{cite web |title=Microsoft issues ‘highly unusual’ Windows XP patch to prevent massive ransomware attack |url=https://www.theverge.com/2017/5/13/15635006/microsoft-windows-xp-security-patch-wannacry-ransomware-attack |last =Warren |first = Tom |date=13 May 2017 |website=The Verge |publisher= Vox Media |access-date=13 May 2017}}
39. ^{{Cite web |url=https://www.wired.com/story/petya-ransomware-outbreak-eternal-blue/|title= A Scary New Ransomware Outbreak Uses WannaCry's Old Tricks|website=Wired |access-date=2017-06-29}}
40. ^{{Cite news |url=https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/ |title=The Untold Story of NotPetya, the Most Devastating Cyberattack in History |last=Greenburg |first=Andy |date=22 August 2018 |work=Wired |access-date=1 September 2018 }}
41. ^{{Cite news |url=https://www.independent.co.uk/news/world/europe/chernobyl-ukraine-petya-cyber-attack-hack-nuclear-power-plant-danger-latest-a7810941.html|title= Chernobyl's radiation monitoring system has been hit by the worldwide cyber attack|last=Griffin |first= Andrew |date=27 June 2017|work=The Independent | access-date= 27 June 2017}}
42. ^https://www.cnet.com/news/uk-said-russia-is-behind-destructive-2017-cyberattack-in-ukraine/
43. ^{{Cite news |url= https://www.npr.org/sections/thetwo-way/2017/06/27/534560169/large-cyberattack-hits-ukraine-snarling-electric-grids-and-airports |title= 'Petya' Cyberattack Cripples Ukraine, And Experts Say It's Spreading Globally |date=27 June 2017 |publisher= NPR |access-date= 27 June 2017 | work = The two way}}
44. ^{{cite news |title= Russia's Rosneft says hit by cyber attack, oil production unaffected|url= https://www.reuters.com/article/us-russia-rosneft-cyberattack-idUSKBN19I1N9|access-date=28 June 2017 | publisher =Reuters |date=27 June 2017}}
45. ^{{Cite news |url=https://www.nytimes.com/2017/06/27/technology/ransomware-hackers.html |title=New Cyberattack Spreads in Europe, Russia and U.S. |last=Scott |first= Mark |date= 27 June 2017 |work=The New York Times |access-date=27 June 2017 |last2=Perlroth |first2=Nicole |issn= 0362-4331}}
46. ^{{cite news |last= Ruuda |first=Lennart |title=Ehituse ABC sulges küberrünnaku tõttu kõik oma poed |language= Estonian |trans-title=Ehituse ABC closed all its stores because of cyberattack |publisher=Postimees |date= 2017-06-28 |url= http://majandus24.postimees.ee/4160147/ehituse-abc-sulges-kuberrunnaku-tottu-koik-oma-poed |access-date= 2017-06-28}}
47. ^{{Cite news|url=https://www.telegraph.co.uk/business/2017/07/06/dettol-maker-reckitt-benckiser-warns-revenue-will-hit-cleans/|title=Dettol maker Reckitt Benckiser warns revenue will be hit as it cleans up Petya cyber attack|last=Yeomans|first=Jon|date=6 July 2017|work=The Telegraph|access-date=9 July 2017|archive-url=|archive-date=|dead-url=}}
48. ^{{Cite news|url=http://boerse.ard.de/aktien/hackerangriff-beiersdorf-und-co-hart-getroffen100.html|title=Hackerangriff: Beiersdorf & Co hart getroffen|last=|first=|date=6 July 2017|work=ARD|access-date=9 July 2017|archive-url=|archive-date=|dead-url=|trans-title=Hacking attack: Beiersdorf and other companies badly affected}}
49. ^{{Cite news |url= https://www.theguardian.com/world/2017/jun/27/petya-ransomware-attack-strikes-companies-across-europe|title= 'Petya' ransomware attack strikes companies across Europe and US |last=Henley |first= Jon |date= 27 June 2017 |work=The Guardian |access-date=27 June 2017 |last2=Solon |first2=Olivia |issn= 0261-3077}}
50. ^{{cite news |title= Petya cyberattack: Hobart's Cadbury chocolate factory struck | url= http://www.theaustralian.com.au/business/technology/petya-cyber-attack-hobarts-cadbury-chocolate-factory-struck/news-story/0952a26ba16b22a85da636a92393206f |access-date= 28 June 2017 |work=The Australian}}
51. ^{{cite news |title= New malware hits JNPT operations as APM Terminals hacked globally |url= http://indianexpress.com/article/india/cyber-attack-new-malware-hits-jnpt-ops-as-apm-terminals-hacked-globally-4725102/ |access-date=28 June 2017 |work= The Indian Express |date=27 June 2017}}
52. ^{{Cite news|url=https://www.wsj.com/articles/cyberattack-forces-west-virginia-hospital-to-scrap-its-computer-systems-1498769889|title=Business News: Hospital Is Forced To Scrap Computers|last=Evans|first=Melanie|date=30 June 2017|work=The Wall Street Journal|access-date=2 July 2017|archive-url=|archive-date=|dead-url=}}
53. ^http://www.zdnet.com/article/petya-ransomware-cyber-attack-costs-could-hit-300m-for-shipping-giant-maersk/
54. ^{{cite web |url=http://thehill.com/policy/cybersecurity/overnights/339926-overnight-cybersecurity-new-ransomware-wasnt-really|title= Overnight Cybersecurity: New questions about 'ransomware' attack – Tensions between NSA chief, Trump over Russia – Senate panel asks states to publicize election hacks |first= Joe|last= Uchill|date= 28 June 2017 | work = The hill}}
55. ^{{cite web |url=http://www.haaretz.com/world-news/europe/1.798322|title= NATO Warns Use of Article 5 Over Cyber Attack, Members Pledge Spending Increase|date=28 June 2017 | work = Haaretz}}
56. ^{{cite |url=https://www.theregister.co.uk/2019/01/11/notpetya_insurance_claim/|title=Cyber-insurance shock: Zurich refuses to foot NotPetya ransomware clean-up bill – and claims it's 'an act of war'|date=11 January 2019|author=Kieran McCarthy|publisher=The Register}}
57. ^{{cite web |url=https://www.bloomberg.com/news/articles/2017-06-27/ukraine-russia-report-ransomware-computer-virus-attacks|title= New Cyberattack Goes Global, Hits WPP, Rosneft, Maersk |last1 =Turner|first=Giles|last2=Verbyany |first2= Volodymyr |date=27 June 2017|website=Bloomberg |access-date= 27 June 2017|last3=Kravchenko |first3= Stepan}}
58. ^{{cite web | last = Lieu | first = Ted | title = Letter to NSA director | publisher = House | format = PDF |url=https://lieu.house.gov/sites/lieu.house.gov/files/documents/6-28%20Letter%20from%20Rep.%20Lieu%20to%20Adm.%20Rogers.pdf|access-date= 29 June 2017}}
59. ^{{cite web |last = Hatmaker |first = Taylor | date = 2017-06-28 | work = Tech crunch |title= In aftermath of Petya, congressman asks NSA to stop the attack if it knows how |url=https://techcrunch.com/2017/06/28/ted-lieu-petya-notpetya-no-kill-switch/|access-date= 29 June 2017}}
60. ^{{cite web |title=New computer virus spreads from Ukraine to disrupt world business |url=https://www.reuters.com/article/us-cyber-attack-idUSKBN19I1TD|publisher= Reuters|access-date=29 June 2017 |date= 2017}}
61. ^thehill.com
62. ^[https://wccftech.com/australia-us-uk-russia-notpetya/ US, UK, Australia Warn Russia of “International Consequences” – NotPetya Outbreak Attributed to the Kremlin]

Further reading

{{refbegin}}
  • {{Cite news |last1=Greenberg |first1=Andy |title=The Untold Story of NotPetya, the Most Devastating Cyberattack in History |work=Wired |date=2018-08-22 |url=https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/ |issn=1059-1028 |df=mdy-all }}
{{refend}}{{Hacking in the 2010s|collapsed}}{{Portal bar|2010s|Computer security|Criminal justice|Law|Information technology|border=Microsoft|Internet}}{{Use dmy dates|date=July 2017}}

7 : 2017 in computer science|2017 in Ukraine|Cyberattacks|Cybercrime|Hacking in the 2010s|June 2017 crimes|Ransomware

随便看

 

开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。

 

Copyright © 2023 OENC.NET All Rights Reserved
京ICP备2021023879号 更新时间:2024/11/12 21:06:23