NotPetya Postmortem: Ransomware, Ruse or Targeted Takedown?


CrowdStrike security experts offer an in-depth analysis of the destructive NotPetya global attack

It first appeared in the guise of a ransomware attack, with similarities to the infamous global WannaCry attack — but the plot quickly thickened: The self-propagating threat family collectively known as NotPetya went on to provide plenty of interesting twists and turns for cyber researchers during the days that followed. The more details they uncovered about the way the threat was crafted and deployed, the more questions came to light regarding the true motives behind this sophisticated and destructive fileless malware attack, and its actual intended targets.

In this new CrowdCast, CrowdStrike VP of Intelligence Adam Meyers will recount his team’s fascinating investigation to ascertain the actions and possible intent of NotPetya’s perpetrators, followed by a step-by-step analysis of the attack’s behavior — and how it was prevented starting on Day Zero — by the CrowdStrike Falcon® endpoint protection platform.

Featured Speakers

Adam Meyers

CrowdStrike, VP Intelligence

As Vice President of Intelligence for Crowdstrike, Adam Meyers oversees all of CrowdStrike’s intelligence gathering and cyber-adversarial monitoring activities. Meyers has authored numerous papers for peer-reviewed industry venues and has received awards for his dedication to the information security industry. Previously, Meyers was the director of cyber security intelligence with the National Products and Offerings Division of SRA International, where he provided technical expertise at the tactical level and strategic guidance on overall security program objectives.

Peter Ingebrigtsen

CrowdStrike, Technical Manager

Peter Ingebrigtsen is a technical marketing manager at CrowdStrike, where he uses his comprehensive knowledge of CrowdStrike solutions to create tools that help customers take full advantage of the Falcon platform features to solve problems and experience all the benefits CrowdStrike solutions offer. Peter has been in technical marketing for over five years, supporting both network and endpoint security products. Prior to his time in technical marketing, he was a sales engineer for a network monitoring company. In his role as an SE, he focused primarily on telcos and large enterprise. When he’s not at work, he can be found, working with wood, taking guitar lessons or attending one of his children’s events.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center