“Petya virus differs a lot from the previous ones and it seems as if it was written specially for Ukraine. Previous attacks were of financial character, it was a virus –extortionist Wannacry that spread throughout the world, encrypted the files and requested payment. Petya virus erases data, it does not have the way to return data to people, even if they pay. It was distributed through the accounting system M.E.Doc, which is used only in Ukraine and is mandatory for reporting taxes. This is a very technically adapted to Ukraine virus and it seems that this is an attack from the state,” he noted.
Bilogorskiy explained that Petya virus only ‘pretends to be a virus -extortionist’.
"He really asks for a ransom, but the experts' opinion now is that this has changed in the last few hours, that it's extortion activity is just for a show. In fact, its real goal is to damage the systems and interfere with the infrastructure, to damage and destroy the data. I suppose that Russian special forces are behind the attack, judging by how it was spread, what it harms and how it differs from other viruses. This is quite a complex virus, it has many methods of distribution. You need at least 5-10 people with different skills and at least about a month of work (to create such virus),” he said.
As it was reported earlier Microsoft confirmed complicity of M.E.Doc to Petya virus spread. According to company’s specialists, the virus was launched after legitimate update of M.E.Doc software.