Malware: Knowledge is power

We know a lot about the NotPetya malware, including how it spreads and its functionality. It was highly sophisticated, spread quickly, and caused harm. In this blog, I share more about lessons learned from the incident.
Satish Maripuri explains the malware incident that affected Nuance

The global NotPetya malware incident that affected us and thousands of other organizations worldwide was unprecedented. It was highly sophisticated, spread quickly, and caused harm.

Understandably, it also created a lot of confusion. Some initial media accounts were inaccurate and misconceptions about the incident continue to spread. That kind of uncertainty can create fear.

The key to combating that fear is knowledge. To that end, I’d like to share more about lessons learned from the NotPetya malware incident, to reduce uncertainty and help our clients feel confident in our systems going forward.

We know a lot about the NotPetya malware, including how it spreads and its functionality. We have compared the behaviors we have seen on our internal network with extensive research performed by the security community and the Department of Homeland Security (US-CERT).

Based on our research and the work of independent experts:

  • NotPetya is not ransomware, as was initially reported by the media. NotPetya does not provide a legitimate method for decrypting files in exchange for paying a ransom.
  • Patches alone were not able to stop NotPetya. Unlike some malware, patching alone would not have stopped the propagation of NotPetya. The malware also can spread via compromised credentials through two inherent windows management and administration tools that are active even on fully patched systems.
  • NotPetya does not spread by email, by email attachments or by infecting other files. Research confirms that the malware does not have this capability.

Rest assured that we are putting this knowledge into action. We are enhancing our security against similar future incidents, including hardening the security configurations of endpoints, deploying advanced endpoint prevention and detection software, and enhancing network security measures. In short, we upgraded our network architecture and IT policies as part of the recovery efforts to ensure we emerged from this incident with an enhanced, secure operating environment.

I know that our clients place a great deal of trust in our teams and our solutions, and we are working to earn that confidence every day. We also are committed to continuing to share the hard-won lessons we have learned from this situation.

Because knowledge is power.


Follow us on LinkedIn and Twitter to learn more.

Additional links for reference:
New Ransomware Variant “Nyetya” Compromises Systems Worldwide
The MeDoc Connection
NotPetya – Everything you need to know

Satish Maripuri

About Satish Maripuri

Satish Maripuri is the executive vice president and general manager of Nuance’s Healthcare division, overseeing all operational aspects of the business, including innovation strategy, product development, marketing, sales, partnerships, and client relationships across the company’s healthcare solutions portfolio. Under Satish’s leadership, Nuance Healthcare returned to growth from a 4% decline to 9% growth within three years. Satish is passionate about the criticality of purpose-driven culture and leadership to drive business growth. He has more than 28 years of management experience in enterprise software, SaaS solutions, natural language processing (NLP), artificial Intelligence (AI), international operations, global mobile workforces, and cloud services. Prior to joining Nuance in 2012, Satish held several executive leadership positions at global technology companies, including Solera Holdings, Lionbridge Technologies, and Imprivata. Satish holds a B.S. in Mechanical Engineering from Andhra University and M.S. degree in Computer Engineering from Northeastern University.