The fallout from the June NotPetya cyberattack is still being registered by some of the victims with pharmaceutical manufacturer Merck reporting it is still feeling the attack’s impact and still cannot measure the total affect the disruption caused on its business.
Merck reported it still has not fully quantified the financial impact NotPetya had, but said the malware’s impact has compromised the company’s ability to fulfill some orders in specific, unnamed, markets. This news was released in the company’s second quarter financial release.
Merck stated in the release that it is still in the process of restoring its manufacturing processes, has largely brought back online its packaging operation and partially restored its formulation processes. In addition, the company is trying to restore its Active Pharmaceutical Ingredient operations but still cannot produce product in bulk.
NotPetya struck on June 27 hitting Merck and dozens of other major corporations including FedEx and the shipping firm Maersk. Like the WannaCry malware that infected victims in May, Petya has a wormable component that allows it to spread laterally around connected networks. But while WannaCry specifically targets files, Petya encrypts a machine’s entire hard disk by overwriting the master reboot record, making it significantly more dangerous to infected organizations.