That “ransomware” attack was really a cyber-attack on Ukraine
According to Kaspersky, the Petya ransomware that raced around the world this week wasn’t ransomware at all, and there is no way to get back your files after it does its work (that’s why it was so easy to shut down the email address the ransomware used to negotiate payments and decryption with victims whose computers had been taken over).
This Petya strain is much more professional than the original Petya worm, and far superior to the last ransomware worm, Wannacry.
Kaspersky concluded that this Petya was a “wiper” that made the files it attacked unrecoverable, sending random numbers to people who paid the ransom.
This Petya strain, which researchers are calling Pnyetya, seemed to seek out Ukrainian computers, identifying them by seeking evidence of a program that every Ukrainian business needs to run as part of the national tax payment system.
Russian state hackers have used Ukraine as the test-bed for its cyberwar development effort.