Recent investigations have found that three of the biggest cyber disasters in history are associated with the same APT (advanced persistent threat). An APT is a series of hacking procedures planned and driven by a cybercriminal or a cybercriminal group to hack a specific user or organization.
Last year, the worldwide cyber epidemic of NotPetya Ransomware devastated quite a few organizations around the world. Those organizations then engaged in lengthy processes for data recovery and ransomware removal. The big names that were breached included Maersk, one of the largest shipping conglomerates in the world. Likewise, the pharmaceutical giant Merck was one of the casualties of the ransomware. The incident served as an eye-opening lesson for many, and the threat of ransomware received significant recognition.
When NotPetya Ransomware initially emerged, some experts drew parallels with the WannaCry Ransomware. However, it was later found that although the cyberthreat contained all the ransomware components, it did not feature a decrypting mechanism. This meant that even if users paid the ransom for ransomware removal, they would be unable to get their data back.
Now, the latest investigations point towards a link between NotPetya Ransomware and Industroyer. Industroyer has been notorious for breaching ICS (industrial control systems). The cybercriminal group behind Industroyer is known in underground circles by the name "Telebots".
The impact of Industroyer in Ukrainian cyber circles is not unheard of. In fact, it has been one of the country's biggest cyberthreats for the last few years. In 2016, Industroyer shut down the power grid in Kiev, Ukraine's capital. Another infamous involvement of Industroyer was in 2015, when the malware was involved in the BlackEnergy attacks. As a consequence of those attacks, there were several blackouts in different areas of Ukraine.