By the time Deb Dellapena arrived for workat Merck & Co.'s90-acre campus north of Philadelphia, there was a handwritten signon the door: The computers are down.

It was worse than it seemed. Some employees who were already attheir desks at Merck offices across the U.S. were greeted by aneven more unsettling message when they turned on their PCs. A pinkfont glowed with a warning: "Ooops, your important files areencrypted. … We guarantee that you can recover all your filessafely and easily. All you need to do is submit the payment …" Thecost was $300 worth of bitcoin per computer.

The ransom demand was a ruse. It was designed to make thesoftware locking up many of Merck's computers—eventually dubbedNotPetya—look like the handiwork of ordinary criminals. In fact,according to Western intelligence agencies, NotPetya was thecreation of the GRU, Russia's military intelligence agency—the sameone that had hacked the Democratic National Committee the previousyear.

Continue Reading for Free

Register and gain access to:

  • Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
  • Informative weekly newsletter featuring news, analysis, real-world cas studies, and other critical content
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.