U.K. says Russia was behind NotPetya cyberattack that shut down Nuance, hospitals

Officials found the Russian military “was almost certainly responsible” for the massive global attack, and serves as a reminder that nation-state actors can impact even small organizations that weren’t the intended target.
By Jessica Davis
12:33 PM
petya cyberattack ransomware

The U.K. government has found the Russian government responsible for the global Petya cyberattack that shut down a wide range of major companies in June, including parts of FedEx, biopharma giant Merck, Nuance Communications and some U.S. health systems.

Officials specifically find the Russian military at fault.

“The attack showed a continued disregard for Ukrainian sovereignty,” officials said in a statement. “Its reckless release disrupted organizations across Europe, costing hundreds of millions of pounds. We call upon Russia to be the responsible member of the international community it claims to be rather than secretly trying to undermine it."

Learn on-demand, earn credit, find products and solutions. Get Started >>

Hackers struck in the early hours of June 27, 2017, launching a malware attack that masqueraded as ransomware. However, researchers soon discovered it was actually wiper malware with one purpose: to destroy computer systems and data and disrupt business operations.

In fact, both Merck and FedEx reported permanent damage to their systems, while a West Virginia health system had to replace its entire network after falling victim.

[Also: House Committee wants Nuance to share lessons from NotPetya Attack]

The Petya cyberattack was the second global cyberattack in 2017. WannaCry ripped through the U.K. health system in May, shutting down operations for a majority of its medical centers. It hit many U.S. hospitals, as well. Security researchers and the U.S. government found the attack was launched by North Korea.

For Petya, its target was a Ukranian shipping company, and yet it severely impacted operations in the U.S. for both Nuance and health systems. It demonstrates that even smaller hospitals are susceptible to nation-state actors, even if they aren’t the intended victim, as these threats propagate in the wild.

“Russians are the most advanced when it comes to hacking,” according to James Scott, a security researcher for ICIT. Nation-state actors, cyber mercenaries and even nation-state employees that freelance at night have a high level of capability.

And living in a connected world does come with a price. Because even if an attack originates in another country, as seen with both Petya and WannaCry, it can rapidly spread to other organizations, regardless of the country.

“[These attacks] happen to all of us. It’s part of the condition of cyber … the internet doesn’t care,” said Andrew Seward, chief information security officer of New Hampshire-based Elliot Health System. “It doesn’t care if the hacking attack started in Maine or elsewhere. It’s equal opportunity everywhere.”

Future-proofing security

Why cybersecurity is top of mind for forward-looking healthcare orgs.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.