Przejdź do treści

Major Cyber Incident: NotPetya

Other incident names: ExPetr, SortaPetya, Petna, ExPetr, Diskcoder.C, Nyetya, GoldenEye

About NotPetya

The Russian military intelligence service, the GRU, used a Trojan to initially target
Ukrainian infrastructure with a wiper called NotPetya. The attack spread worldwide to
become what the United States considered the most destructive and costly cyberattack
in history. IT companies linked the campaign to the APT group Sandworm, who have been
linked to many disruptive cyberattacks against Ukraine, such as the two consecutive
energy blackouts in Ukraine at the end of 2015 & 2016. Multiple governments attributed
the campaign to the GRU and its Unit 74455 that is generally associated with Sandworm.
Political and legal action was taken by the European Union and several individual
governments in response.


From 27 June 2017

Incident Type

Disruption, Hijacking with Misuse


Russian stateaffiliated group “Sandworm

Affected Target

Ukrainian Infrastructure and hundreds of entities across the world

More Major Cyber Incidents (MaCIs)

  • Research and Analysis
Major Cyber Incident: KA-SAT 9A

4 October 2023
W tej szczegółowej analizie Mika Kerttunen, Kim Schuck i Jonas Hemmelskamp omawiają włamanie do sieci KA-SAT na Ukrainie i w Europie Zachodniej na początkowych etapach rosyjskiej wojny przeciwko Ukrainie.
Major Cyber Incident: BAPCO

15 February 2023
In this detailed analysis, Mika Kerttunen and Linda Liang discuss the attack on Bahraini oil company BAPCO by Iranian state-backed hackers.

Welcome to our Cyber Incident Dashboard!

For best results, please view on a desktop device.