It started with a few flickering screens in a Danish office. Within minutes, a digital plague had paralyzed global trade, leaving the world's largest shipping company powerless and its massive vessels adrift. But this attack wasn't for ransom—it was for pure destruction. In the premiere of Digital Fallout, we uncover the story of a geopolitical cyber weapon that escaped its cage and the unbelievable, accidental miracle that saved a global empire from permanent deletion. This is the story of how our physical world hangs by a fragile digital thread.
Show Notes: Sources
Our story today was built on the foundation of incredible investigative journalism from reporters who covered this event extensively. For listeners who want to dive deeper into the story of the NotPetya attack, these are the primary sources we recommend:
- "The Untold Story of NotPetya, the Most Devastating Cyberattack in History," an article by Andy Greenberg for WIRED magazine, forms the core of the public narrative regarding Maersk's experience.
- The book "Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers" by Andy Greenberg provides deep context on the attackers and the geopolitical landscape.
- Financial and logistical impact reporting from The New York Times, The Wall Street Journal, and Reuters was published in the weeks and months following the June 2017 attack.
- Public statements and quarterly financial reports from A.P. Møller-Maersk detailing the incident's operational and financial costs.
Episode Transcript
It's a story about the biggest shipping company in
the world and the day a singleline of code brought it, and a
measurable slice of globaleconomy, to a dead stop.
It begins not on a containership, but in an office in
Ukraine with an accountingsoftware update that was
actually a declaration of war.
All righty, then.
(00:20):
Ladies and gentlemen, welcomeback to another episode of
Privacy, please.
I'm your host, cameron Ivey,and today's episode is a brand
new series called DigitalFallout, where I'll go behind
the headlines to tell the realstories of our digital world.
Before we jump into today'sstory, a quick but important
(00:42):
note for our listeners.
The events I'll be discussingtoday are based on real-world
incidents, and our narrative isbuilt upon extensive public
reporting for reputable newsoutlets, official company
statements and securityresearchers.
We've synthesized thisinformation to create a
compelling story, but it is nota direct firsthand account.
(01:03):
A compelling story, but it isnot a direct firsthand account
and, as always, while we discusslegal and security topics, I am
not a lawyer or a securityprofessional providing advice.
The content of this podcast isfor informational and
educational purposes only.
Now, with that being said,let's get into this week's story
.
In June of 2017, an IT worker atthe Maersk headquarters in
(01:26):
Denmark noticed a few computersacting strangely.
Then a few more, within minutes, screens across the office went
black, replaced with a red andblack ransom note demanding
Bitcoin.
But then the phone startedringing.
It wasn't just them, it wastheir office in Rotterdam, in
New Jersey, in Mumbai.
(01:47):
One by one, across 130countries, the digital eyes and
ears of the world's largestshipping company were going
blind.
The digital heartbeat thatscheduled and tracked 76,000
sailors and nearly 4 millionshipping containers.
Flatlined Ships worth billionscarrying untold cargo, were
(02:11):
suddenly adrift in a digitalocean with no way to dock.
This wasn't a typicalransomware attack.
You see.
The forensics team quicklyrealized the payment system on
the ransom note was fake.
The malware wasn't designed tohold data hostage.
It was designed to wipe it fromexistence.
(02:32):
This was a weapon, not a crime.
They traced its origin to ahijacked update from a popular
Ukrainian tax software calledMEDOC.
The worm, later dubbed NotPetya, had been unleashed, likely by
Russian state hackers, as an actof cyberwar against Ukraine,
(02:53):
and Marysk had becomecatastrophic collateral damage.
Catastrophic collateral damage.
The race was on.
The global IT team at Maersk wasin a frantic search for what
they called a digital Adam andEve a single uninfected computer
that could be used to rebuildtheir entire global network from
scratch.
They had backups, but thesystem that managed and
(03:17):
authenticated the backups wasalso destroyed.
It was a fortress without ablueprint.
Every server they checked wascorrupted.
For days the multi-billiondollar company was run on
WhatsApp, post-it notes andpersonal cell phones.
It looked like their entiredigital kingdom, built over
decades, had been completely andpermanently erased in just
(03:41):
seven minutes.
And then, a miracle, a callcame in from an office in Accra,
ghana.
A routine power outage hadknocked their local server
offline.
Just before the attack hit, itwas disconnected from the
network at the same moment.
The digital plague wasspreading.
That server, kept safe by arandom blackout, was the only
(04:06):
machine left in the world thatcontained a copy of their global
user directory.
It was flown like a preciousartifact to the UK single server
.
A heroic team of engineersworked non-stop for 10 days to
rebuild Maersk's entire 4,000server, 45,000 PC network.
(04:27):
The fallout was immense A $300million financial loss for
Maersk and a terrifying lessonfor the world.
It proved that a geopoliticalconflict in one corner of the
world could instantly paralyze aDanish shipping company and
disrupt global supply chains.
The Napetia attack.
(04:48):
It wasn't just a data breach.
It was the moment the world sawhow fragile our interconnected
society truly is.
It was the day the code becamea weapon.
It's a powerful reminder of howinterconnected and vulnerable
our world truly is.
(05:08):
And that brings us to the end ofour episode.
A final thank you to theincredible journalists and
researchers whose work made thisstory possible.
Our account today was built onreporting from sources like
Wired Magazine, the New YorkTimes and the hard and countless
work of security professionalswho analyze these events, so we
can all learn from them.
For a list of our primaryresources for today's story,
(05:31):
please check our show notes.
Thanks for joining us ontoday's journey.
Until next time, stay curious,stay safe.
You've been listening toPrivacy, please.
And thank you so much fortuning in.
I hope you enjoyed this story.
I hope you enjoyed this format.
I would love to hear from youbecause, if you like it, I'll
keep doing it.
I really enjoy telling storiesand, yeah, so I'll see you guys
(05:56):
next week.
Thanks for tuning in.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
New Heights with Jason & Travis Kelce
Football’s funniest family duo — Jason Kelce of the Philadelphia Eagles and Travis Kelce of the Kansas City Chiefs — team up to provide next-level access to life in the league as it unfolds. The two brothers and Super Bowl champions drop weekly insights about the weekly slate of games and share their INSIDE perspectives on trending NFL news and sports headlines. They also endlessly rag on each other as brothers do, chat the latest in pop culture and welcome some very popular and well-known friends to chat with them. Check out new episodes every Wednesday. Follow New Heights on the Wondery App, YouTube or wherever you get your podcasts. You can listen to new episodes early and ad-free, and get exclusive content on Wondery+. Join Wondery+ in the Wondery App, Apple Podcasts or Spotify. And join our new membership for a unique fan experience by going to the New Heights YouTube channel now!