Last Tuesday morning, June 27, 2017, a version of the “Petya” malware attack—dubbed “NotPetya”—hit several multinational companies in a variety of industries. This is the second major cyber attack in just two months following the May 12 WannaCry attack, although NotPetya has differed in target and execution from the WannaCry incident and may provide some companies new cybersecurity lessons.

WannaCry and NotPetya both entered systems through the same Windows exploit. Microsoft had issued a patch two months before both attacks, but not all entities had updated their software. Unlike WannaCry, NotPetya compromised entire systems rather than individual files. NotPetya has been more damaging than WannaCry and is considered to be more sophisticated.

According to one security firm’s investigation, NotPetya is a “wiper,” not ransomware like WannaCry, as initially believed. A 2016 version of Petya functioned as ransomware, but the 2017 modified version (thus “NotPetya”) does permanent and irreversible damage to the disk, despite originally posing as ransomware. Some commentators believe that the appearance of ransomware was intended to suggest to the media that an independent hacker group, rather than a nation state, was behind the attack. Initially, NotPetya appeared to target Ukrainian government and commercial organizations. However, the infection has shut down ports, factories, and offices worldwide. The destructive (rather than ransom-seeking) nature of the attack emphasizes the necessity of multiple backups. Additionally, companies should be careful to layer and architect their network such that all their eggs are not in one proverbial cyber basket. The attack has also prompted businesses to seek more comprehensive cyber insurance coverage.