FedEx and Nivea were among the multinational corporations to experience material financial damage from the recent NotPetya ransomware attack, according to Reuters.
Other corporations that reported material financial damage from NotPetya included:
- Beiersdorf: The German consumer products provider attributed a financial shortfall in the first half of 2017 to shipping and production delays related to computer and system outages caused by NotPetya.
- Maersk: The integrated transport and logistics company said its worldwide operations were affected by NotPetya.
- Mondelez: The Cadbury chocolate maker reported a 5 percent drop in quarterly sales due to shipping and invoicing problems caused by NotPetya.
In addition, Cyence, a firm that specializes in cyber risk modeling, has estimated the economic costs of NotPetya total $850 million, Reuters reported.
What Is NotPetya?
NotPetya refers to malware that was used as part of a ransomware attack against global organizations on June 27.
The malware disguises itself as the Petya ransomware and demands about $300 in Bitcoin to unscramble hostage data, The Register reported. It uses a series of tools to gain administrator access on a computer and take control of other machines across a network, according to The Register.
Although many cybersecurity experts initially believed NotPetya was a form of Petya, antivirus software provider Kaspersky Lab noted the malware was "significantly different" from earlier versions of Petya. As such, Kaspersky in a blog post dubbed the malware "NotPetya."
NotPetya, Petya and other recent ransomware attacks highlight a global cybersecurity problem that continues to escalate.
How Deep Is the Global Ransomware Problem?
In fact, many global organizations have been affected by ransomware attacks, which is reflected in a recent study conducted by technology research firm Osterman Research and cybersecurity and anti-malware software company Malwarebytes.
Key findings from the "Understanding the Depth of the Global Ransomware Problem" study of 540 IT professionals included:
- Nearly 80 percent of organizations have been the victim of a cyberattack during the past 12 months, and nearly 50 percent have been the victim of a ransomware attack.
- More than 50 percent of IT decision-makers consider ransomware to be a "concern" or "extreme concern."
- Ransomware was most likely to enter an organization through a desktop computer and least likely to enter through a smartphone or tablet.
- Email was the most likely attack vector for ransomware.
- Mid-level managers and senior executives are disproportionately affected by ransomware.
Ultimately, the end user is the biggest attack vector for cybercriminals, according to IT security company Sophos.
By educating end users about ransomware and other cyber threats, organizations can stop a cyberattack at its source, Sophos noted.
