The president of the German federal cyber agency has warned that the NotPetya virus which struck firms across the world last week poses a greater threat than expected.
BSI chief Arne Schoenbohm said some German firms had been forced to stall production and other critical processes for more than a week after being hit by the virus.
“It has resulted in millions of euros of damage, and this in a case where Germany got off lightly,” Schoenbohm said in a statement reported by Reuters.
The BSI’s analysis reportedly showed that several attacks had been launched via updates to Ukrainian accounting software M.E.Doc. Firms that used the software may have been infected even if there were no signs of a breach, BSI said.
The virus was originally mistaken for a well-known type of ransomware called Petya, but security researchers have since said it is significantly more more destructive.
Confusion appears to have stemmed from the fact that the code was masquerading as the ransomware virus, but cybersecurity expert the Grugq has said that the similarities were only skin deep.
“Although there is significant code sharing, the real Petya was a criminal enterprise for making money. This [malware] is definitely not designed to make money,” the Grugq said. “This is designed to spread fast and cause damage, with a plausibly deniable cover of ransomware.”