|
gptkbp:instanceOf
|
gptkb:cybercrime
|
|
gptkbp:alsoKnownAs
|
gptkb:ExPetr
gptkb:Nyetya
gptkb:NotPetya
|
|
gptkbp:attributedTo
|
gptkb:Russian_military_(GRU)
|
|
gptkbp:causedBy
|
malicious software update to MeDoc accounting software
|
|
gptkbp:consequence
|
global shipping disruption
pharmaceutical production disruption
power grid monitoring interruption
|
|
gptkbp:damageEstimateUSD
|
10 billion
|
|
gptkbp:date
|
2017-06-27
|
|
gptkbp:declaredActOfWarBy
|
gptkb:Australian_government_(2018)
gptkb:Canadian_government_(2018)
gptkb:New_Zealand_government_(2018)
gptkb:UK_government_(2018)
gptkb:White_House_(2018)
|
|
gptkbp:majorCity
|
gptkb:France
gptkb:Germany
gptkb:Poland
gptkb:Russia
gptkb:Ukraine
gptkb:United_States
|
|
gptkbp:notableCompany
|
gptkb:Parliament_of_the_United_Kingdom
gptkb:Chernobyl_Nuclear_Power_Plant
gptkb:Rosneft
gptkb:Merck_&_Co.
gptkb:Mondelez_International
gptkb:Maersk
gptkb:Saint-Gobain
|
|
gptkbp:notableFeature
|
irreversible data destruction
masqueraded as ransomware
used legitimate software update mechanism
rapid lateral movement in networks
|
|
gptkbp:platform
|
gptkb:Microsoft_Windows
|
|
gptkbp:purpose
|
disruption
destruction of data
|
|
gptkbp:ransomDemanded
|
$300 in Bitcoin
|
|
gptkbp:ransomPaymentEffect
|
data not recoverable
|
|
gptkbp:relatedTo
|
gptkb:WannaCry_ransomware_attack
gptkb:Petya_ransomware
|
|
gptkbp:spreadTo
|
gptkb:PsExec
gptkb:Windows_Management_Instrumentation_(WMI)
gptkb:Mimikatz
gptkb:EternalBlue_exploit
|
|
gptkbp:usesMalware
|
gptkb:malware
wiper
|
|
gptkbp:bfsParent
|
gptkb:2017_NotPetya_outbreak
|
|
gptkbp:bfsLayer
|
6
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
NotPetya cyberattack
|