‘Ukrainian company that distributed NotPetya knew about insecure servers’
According to the Ukrainian police, the company MeDoc knew that its ICT infrastructure was insecure. Several security companies are said to have warned about this. The NotPetya malware was distributed through the company’s update process, according to Microsoft, among others.
The head of the internet division of the Ukrainian police says in an interview with the Associated Press that the company was aware of the lack of security. By ignoring the signals, he says, the company is now criminally liable for the consequences. It is unclear whether an investigation into the company is actually underway.
Shortly after Tuesday’s internet attack, the company, which develops accounting software, posted a notice on its site apologizing and stating that the infections had occurred through its servers. Not long after, this message was removed and the company stated on Facebook that it had nothing to do with the distribution. According to AP, the company has not responded to questions from the news agency since then.
Several companies, including Microsoft, attribute the distribution of NotPetya to a malicious MeDoc update. In a recent investigation, Slovakian security firm ESET claimed it found a PHP backdoor on the company’s FTP server, giving attackers the opportunity to distribute the update.