NOTPETYA MALWARE: Cyber World’s Foe

As technology has advanced, cyber and malware attacks have increased over the past decades, and these attacks have called the world’s cybersecurity into question. Different forms of ransomware have created a tremendous hazard in the cyber world. One of the major malware attacks that multinational companies have had to face is the NotPetya attack.
What happened at Maersk?
Maersk, the biggest container ship and supply vessel operator in Denmark, was hit by an unexpected ransomware attack on 27 June 2017. The company was badly affected by malware known as NotPetya, and around 4000 to 40000 servers and PCs were under attack. The attackers spread the malware after seizing control of the software update mechanism of M.E.Doc, the de facto standard accountancy package for firms doing business in Ukraine.
What is NotPetya malware?
NotPetya is an advanced version of the Petya malware, which was discovered in 2016. Petya ransomware encrypts the data of the infected system and demands a ransom in Bitcoin to regain access to the system. It mainly targets Microsoft-based systems, encrypts the hard drive’s files, and prevents Windows from booting. NotPetya has more features than Petya, which help it spread and infect systems. NotPetya is considered a cyber attack against Ukraine, but the malware affected not only the target but also machines all over the world. It infected many multinational companies, including Maersk, during 2016-17.
Is NotPetya more dangerous than the earlier form?
Both Petya and NotPetya are considered to target system files, encrypt them, and demand a ransom in Bitcoin. The Petya malware has to be downloaded by the victim: it arrives in the form of email spam and then starts to encode the system. NotPetya, however, infects a machine without the knowledge of the user and uses a variety of techniques to spread all over the system, including EternalBlue and EternalRomance, two exploits developed by the United States.
It takes advantage of a tool called Mimikatz to find network administration documents in the infected system, and uses the PsExec and WMIC tools built into Windows to access other computers on the local network and infect them as well. It encodes everything on the master boot record and seriously affects the user’s hard drive. NotPetya ransomware is more dangerous than the Petya ransomware because it damages the system in a way that makes it impossible to restore to its original form.
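The PsExec and WMIC spreading step described above leaves a trace defenders can hunt for: one machine launching remote execution against many others. The following Python code is an added example, not part of the original article; the event format, host names and the fan-out threshold of three hosts are constructed assumptions.

```python
import re
from collections import defaultdict

# PsExec aimed at a remote host: "psexec \\HOST ..." (capture the host name).
PSEXEC_RE = re.compile(r'\bpsexec(?:64)?(?:\.exe)?\b.*?\\\\([\w.-]+)', re.I)
# WMIC starting a process on another machine: "wmic /node:HOST ... process call create".
WMIC_RE = re.compile(
    r'\bwmic(?:\.exe)?\b.*?/node:\s*"?([\w.-]+)"?.*?\bprocess\s+call\s+create\b', re.I)

def remote_exec_target(cmdline):
    """Return (tool, target_host) if the command line runs code on another host, else None."""
    for tool, pattern in (("psexec", PSEXEC_RE), ("wmic", WMIC_RE)):
        m = pattern.search(cmdline)
        if m:
            return tool, m.group(1).upper()
    return None

def fan_out(events, threshold=3):
    """Map each source host to its targets when it reached >= threshold distinct hosts."""
    targets = defaultdict(set)
    for source, cmdline in events:
        hit = remote_exec_target(cmdline)
        if hit and hit[1] != source.upper():
            targets[source].add(hit[1])
    return {src: sorted(t) for src, t in targets.items() if len(t) >= threshold}

# Constructed sample process-creation events (source host, command line); not real telemetry.
SAMPLE_EVENTS = [
    ("WS-014", r'C:\Tools\PsExec.exe \\WS-021 -accepteula -s -d cmd.exe /c whoami'),
    ("WS-014", r'psexec \\WS-022 -s -d cmd.exe /c whoami'),
    ("WS-014", r'wmic /node:"WS-023" process call create "cmd.exe /c whoami"'),
    ("WS-014", r'psexec.exe \\ws-021 -s -d cmd.exe /c whoami'),  # repeat target
    ("ADMIN-01", r'psexec.exe \\SRV-02 -s ipconfig /all'),       # single admin task
    ("WS-030", r'wmic os get caption'),                          # local query, no /node
]

if __name__ == "__main__":
    for source, hosts in fan_out(SAMPLE_EVENTS).items():
        print(f"{source}: remote execution on {len(hosts)} hosts: {', '.join(hosts)}")
```

A single administrator task stays below the threshold, while a workstation reaching several peers in a short window is the pattern worth an alert.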
How did Maersk recover from the attack?
Because the attack was serious, the company took immediate action: its IT experts gathered to track, identify, and remove the malware from affected systems in order to restart operations. Internal and external communications were established, and the company sent out daily updates about its dealings. It also established several instructions covering all the actions required for customers.
Is NotPetya still active in the cyber world?
Studies have shown that the effects of NotPetya are still being felt in different countries, and experts warn that this malware could recur in a larger form than the earlier version. The only possible way to avoid a data breach is to update the system and its applications regularly. Avoid downloading unknown attachments, and create a strong, unique password to protect the system from any kind of malware attack.