Petya and NotPetya are two related bits of ransomware that utilized exploits from the NSA toolbox. NotPetya had a particular affinity for Ukrainian targets. In particular, an estimated 80% of the 2018 attack wave were in the Ukraine. The top targets were energy companies, utilities, and the electric grid. Thanks to its targeted distribution in the country and it being launched on the eve of the Ukrainian Constitution Day holiday, it is believed to have been a politically motivated attack. Notable victims included the Maersk shipping giant, the Chernobyl radiation detection systems, and Mondelez. It was believed to have been one of the most damaging ransomware attacks to far.
Faced with a claim of $100 million, Zurich American Insurance Company has refused to pay out – saying that the ransomware attack was an Act of War – and that is excluded from coverage. The problem is headed to the courtroom. However, analysts say that Zurich will have to find a smoking gun to show that Russia – or a specific nation state – was behind the attack.
This is more than just $100 million worth of snacks. State-sponsored activities have been a major part of many malware attacks and data thefts of recent years – think Stuxnet (USA and Israel), think North Korea hacking film studios, think of that massive hack of Equifax. Either way this lawsuit goes, the impact on businesses, insurance in general, and that budding market called cyber-insurance will be around for a long time.