Starting as a fake Ukrainian tax software update, this ransomware is a variant of an older attack dubbed Petya, except this version uses the same exploit behind WannaCry. Once the software update was applied to devices, hackers used the exploits to spread laterally through networks like a worm. The code used to build NotPetya was not designed to extort money from its victims, but rather to destroy everything in its path.
Inception: June 2017; Attack vector: supply chain (M.E.Doc) and the EternalBlue and EternalRomance exploits
The worldwide Accellion #cyberattacks appear to have originated from the infamous Clop #ransomware gang. https://wbrt.io/2P5E1Ln
Our #BrightCloud Threat Intelligence associated the IP address of the SolarWinds Orion update with a botnet in the summer of last year.
A properly configured security tool using our #threatintelligence data would have blocked comms with the C&C server. https://wbrt.io/3aQsjv7