The worldwide cyberattack attack "Petya" — which infected computer systems in more than 60 countries June 27 — is "most likely be attributed to a state actor," according to a team of researchers from the North Atlantic Treaty Organization Cooperative Cyber Defence Centre of Excellence.
The Petya attack — which some security experts refer to as "NotPetya," after research revealed the malware was a more destructive version of an older ransomware called Petya — was "probably launched by a state actor or a non-state actor with support or approval from a state," according to the researchers.
Researchers determined other options are unlikely due to both the complexity of the global attack and the apparent lack of financial motivation. "The method for collecting the ransom was so poorly designed that the ransom would probably not even cover the cost of the operation," the researchers wrote.
They noted a cyberattack with consequences "comparable" to an armed attack can trigger Article 5 of the North Atlantic Treaty, which may include military response. However, there are no current reports that Petya led to consequences comparable to an armed attack, according to the researchers.
"WannaCry and NotPetya raise again the question about the possible response options of the international community," the researchers wrote. "The number of affected countries shows that attackers are not intimidated by a possible global level investigation in response to their attacks."
Click here to view the full analysis.