11 votes

The untold story of NotPetya, the most devastating cyberattack in history

4 comments

  1. [2]
    spit-evil-olive-tips
    My favorite detail of the story:

    After a frantic search that entailed calling hundreds of IT admins in data centers around the world, Maersk’s desperate administrators finally found one lone surviving domain controller in a remote office—in Ghana. At some point before NotPetya struck, a blackout had knocked the Ghanaian machine offline, and the computer remained disconnected from the network. It thus contained the singular known copy of the company’s domain controller data left untouched by the malware—all thanks to a power outage. “There were a lot of joyous whoops in the office when we found it,” a Maersk administrator says.

    When the tense engineers in Maidenhead set up a connection to the Ghana office, however, they found its bandwidth was so thin that it would take days to transmit the several-hundred-gigabyte domain controller backup to the UK. Their next idea: put a Ghanaian staffer on the next plane to London. But none of the West African office’s employees had a British visa.

    So the Maidenhead operation arranged for a kind of relay race: One staffer from the Ghana office flew to Nigeria to meet another Maersk employee in the airport to hand off the very precious hard drive. That staffer then boarded the six-and-a-half-hour flight to Heathrow, carrying the keystone of Maersk’s entire recovery process.

    8 votes
    1. Celeo
      Reads like a movie script. Exciting and impressive.

      2 votes
  2. starchturrets
    It's scary to see how interconnected everything is, how...easy to hack. That a single virus could affect hospitals, banks, fucking Chernobyl cleanup crews*, is frightening.

    Also, sysadmins are heroes for dealing with this stuff.

    6 votes
  3. Flashynuff
    It really takes an attack like this to get executives to take IT security seriously. Hopefully this will serve as an example to get companies to invest in secure infrastructure.

    This was a great article, thanks for posting.

    3 votes