Criminal Charges a Possibility for Ukranian Company That Spread Petya Ransomware

MeDoc, the Ukranian software company at the center of the Petya attack, saw their servers seized by Ukranian Police. The company could face criminal charges for their role in proliferating the malicious ransomware, due to “flawed security”. While the company did not willingly assist the spread, the firm has been accused of serious neglect.

Microsoft, Cisco and Symantec allegedly have evidence that the Petya ransomware spread via an update to MeDoc. The software is used by around 80% of Ukrainian companies to transmit financial documents.

MeDoc’s central update servers were allegedly running outdated software which opened a serious vulnerability. The vulnerability could have allowed an external party to spread ransomware through the software. While it is not clear at this stage whether this lead to a hack, it is clear there were many ways into the system.

Companies using MeDoc have been advised to stop using the software and to disconnect any devices containing the programme.

MeDoc were allegedly warned numerous times about their lack of security. Head of Ukranian Cyberpolice Col. Serhiy Demydiuk said MeDoc knew about their weaknesses, ending “… for this neglect, the people in this case will face criminal responsibility.” Read more.

The Facts of the Case Remain Unclear

The consequences of failing to tackle security are severe. Despite the severity of recent attacks, research suggests that a large proportion of companies are still exposed.

Small businesses in particular fall behind the pack with only 1/5th giving formal security training. Cyber security is a high priority for almost 70% of managers, yet less than 1/3rd of companies have written security policies in place. See more.

Next Steps

Choose your destination and we’ll help you through the steps to get there. Our security solutions help you proactively defend against attacks, keep your data secure and ensure you’re ready for future challenges.

Contact us today if you’re concerned about information security.