With Ukraine as its primary target, NotPetya quickly spread to more than 60 countries, destroying the computer systems of thousands of multinationals.
The damage: One of these was the global transport and logistics giant Maersk, where NotPetya destroyed “all end-user devices, including 49,000 laptops and print capability”, according to the company’s head of technology Adam Banks.
“All of our 1,200 applications were inaccessible and approximately 1,000 were destroyed. Data was preserved on back-ups but the applications themselves
couldn’t be restored from those as they would immediately have been re-infected. Around 3,500 of our 6,200 servers were destroyed — and again they couldn’t be reinstalled,” Banks told i-cio.com.
The damage caused by NotPetya has been pegged at more than $10 billion. Maersk alone lost $250 million and $300 million. Other companies affected included Mondelez, Merck, WPP,
Reckitt Benckiser, Saint-Gobain and TNT Express.
Sneaky customer: NotPetya took its name from the ransomware Petya, deployed the previous year. Both encrypted Windows machines and then demanded payment in crypto in exchange for decryption
keys. But while Petya actually allowed the victim’s machines to be decrypted after payment, NotPetya did not.
Designed to look like a traditional ransomware programme, it had been modified to make it technically impossible to recover the victim’s files – whether they paid up or not.
This made it a ‘wiper’ – designed for indiscriminate destruction – disguised as ransomware. Money wasn’t the goal at all.
This, among other things, led the CIA to conclude in January 2018 that Russia’s GRU military spy agency had created and deployed NotPetya.
But is it warlike? One of the companies NotPetya did a number on was Mondelez, maker of Oreos. The malware disrupted its email systems, file access and logistics for weeks. But when Mondelez filed an insurance claim for damages, it was promptly denied on the basis that NotPetya was a warlike action and therefore excluded from Mondelez’s insurance coverage.
“The ensuing lawsuit between Mondelez and the insurer, Zurich, over whether NotPetya was sufficiently ‘warlike’ to trigger the exception will have far-reaching consequences for both buyers and sellers of cyber insurance policies,” according to Brookings. The case remains undecided.
Successors are here? On February 24, almost five years after the NotPetya attack, security firm Eset said a new data-wiping malware known as HermeticWiper has compromised hundreds of computers in Ukraine in a series of cyberattacks following Russia’s invasion. And in January, Microsoft had reported a series of attacks caused by WhisperGate malware, which, like Notpetya, appeared as ransomware before destroying data regardless of whether the victim paid or not.
Written by Zaheer Merchant in Mumbai.
TOP STORIES BY OUR REPORTERS
The BharatPe saga
Another battle on the cards: Even as BharatPe terminated Ashneer Grover from the company accusing him and his family of misusing company funds, another battle might be on the cards over the fintech’s original founder Bhavik Koladiya’s stake in the firm. Koladiya, who became a consultant during the early days of BharatPe — a company which he started — following his conviction in the US in a credit card fraud, is said to have split his holding in the company between the other two cofounders – Grover and Shashvat Nakrani, multiple sources briefed on the matter said.
BharatPe accuses Grover and family of fraud: BharatPe said on March 2 it has found cofounder Ashneer Grover and his family members guilty of fraud. It said Grover and relatives “engaged in extensive misappropriation of funds and syphoned money away from the company’s accounts”.
“The company reserves all rights to take further legal action against [Grover] and his family,” BharatPe added. The statement came after a meeting on March 1, during which the final report of a probe conducted by PwC was tabled before the board.
Grover responds: Grover said in response he was “appalled but not surprised” by the “personal nature” of the company’s statement, adding that it came from a position of “personal hatred and low thinking”.
Battle for Grover’s share: Soon after, we reported BharatPe was looking to claw back its cofounder Ashneer Grover’s restricted shares in the company. Grover currently holds roughly 8.5% in BharatPe. Of this 1.4% is not vested, sources told us.
Grover resigns: Grover resigned from the fintech startup as well as its board on March 1, alleging that he had been ‘vilified’and treated in the ‘most disrespectful manner’. In his letter of resignation, sent to the company’s board at midnight on March 1, a Grover accused BharatPe’s investors and the board of treating founders as ‘slaves’.
Open to making finances public: Hours after he resigned, Grover, spoke to ETtech’s Tarush Bhalla and Samidha Sharma in a video interview on Zoom. He said he was open to making his finances public and claimed the entire saga had cost him Rs 100 crore in stock options.
SIAC rejects Grover’s plea: Meanwhile, the Singapore International Arbitration Centre (SIAC) rejected BharatPe cofounder Ashneer Grover’s emergency plea to stop the “governance review” that is looking into allegations of financial irregularities at the fintech company, three sources told us.
Key appointments
Amazon India’s country head Amit Agarwal
Step up for Amit Agarwal: Amazon India’s country head Amit Agarwal has been given additional charge of emerging markets, according to an internal communication we reviewed. Manish Tiwary, vice-president of the web retailer’s
consumer business, will oversee day-to-day functions, but Agarwal will continue to head the India business. “This is a major step up for Amit (Agarwal). Getting all these markets under him really adds meat to his role,” said an Amazon insider.
Ananya Tripathi may join Byju’s Whitehat Jr as CEO: Ananya Tripathi, a managing director at KKR Capstone and former chief strategy officer at Myntra, is in talks to join edtech major Byju’s Whitehat Jr as its CEO later this month, multiple sources told us. She has resigned at KKR and is expected to start at Whitehat Jr in the middle of March, the sources added.
Amazon, Future agree on talks for out-of-court settlement
Lawyers for Amazon and Future Group on Thursday agreed to initiate talks to reach an out-of-court settlement of the 18-month-old dispute, sparked by Future Group’s plan to sell its assets to Reliance Retail. Responding to the development, the Supreme Court said it would hear the matter again on March 15, and told the three parties— Amazon, Future Retail and its promoter Future Coupons— to thrash out a settlement.
“We will simply adjourn the matter for 10 days. Meanwhile, work out a gentlemen’s understanding,” Chief Justice N V Ramana said.
The court also said that related proceedings in the Delhi High Court and the National Company Law Appellate Tribunal (NCLAT) could go on as scheduled.
Bhavish Aggarwal’s struggle to build a super app for Ola
For Bhavish Aggarwal, CEO and cofounder of Ola, the very business of ride hailing has never been enough. This time, though, his aggressive attempts at expansion and diversification come ahead of its much-publicised initial public offering (IPO). In late January, Ola said it was going to set up 500 dark stores to expand its nascent quick-commerce business Ola Dash. It is not just cabs that you can hire on Ola’s app. You can buy food and groceries through Ola Dash, and there’s also a link to buy the S1 electric scooter built by Ola Electric.
App & down: Ola’s other problem is about the app itself. To grow its businesses and to extract more value from its customers, the company should be able to effectively cross-sell its different services. But at the moment many of these services, although in one app, do not talk to each other.
ET panel to discuss startup IPOs on March 12
A group of industry leaders will soon discuss ‘The IPO Opportunity: How Indian startups will transition from private to public markets’ at The Economic Times Startup Awards (ETSA) in Bengaluru on March 12. The panellists discuss how Indian startups planning IPOs can move ahead with the next phase of their lifecycle as they become publicly listed companies.
Who’s on the panel? Some of the biggest names in the Indian startup scene, such as:
■Deepinder Goyal, founder & CEO, Zomato
■Nithin Kamath, founder & CEO, Zerodha
■Lizzie Chapman, cofounder & CEO, Zest Money
■Sahil Barua, cofounder & CEO, Delhivery
■Shekhar Kirani, partner at venture capital fund Accel
ETtech Deals Digest
Fintech focused investor QED will deploy $500 million in Indian startups: QED Investors will deploy up to $500 million in Indian startups over the next three years, Sandeep Patil, partner and head of Asia at the fintech-focused venture capital firm, told ET
MPL acquires Berlin-headquartered games studio GameDuell: Mobile Premier League (MPL), an Indian mobile eSports and skill gaming platform, has acquired Berlin-headquartered games studio GameDuell to expand operations across European markets. While the financial details weren’t disclosed, GameDuell employees will become a part of the MPL team.
Cloud kitchen firm Kitchens@ merges with Kitchens Centre: Cloud kitchen company Kitchens@ has merged with Kitchens Centre, making it one of the biggest players in the space with 1,000 kitchens in around 100 locations across 20 cities. The terms of the deal were not disclosed.
Scaler acquires AppliedRoots for $50 million: Edtech firm Scaler has acquired online learning platform AppliedRoots for $50 million in a cash and stock deal. The deal will enable it to strengthen its data science, Artificial Intelligence and Machine Learning capabilities, a senior company executive told ET.
IT firms stick with hybrid work as workers start returning to offices
An increasing number of IT companies are bringing employees back to work, but continuing with a hybrid model. While Infosys is implementing a “phased return to office” and encouraging employees to attend office
in person for a day or two per week, Tech Mahindra has asked employees to start coming to the office two days in a week starting April. HCL Technologies has said that it will continue with its hybrid work mode for the time being.
Wait-and-watch mode on Ukraine: As the Russia-Ukraine crisis escalates, India’s information technology and business process management industry has gone into wait-and-watch mode. Though Indian IT companies don’t have large operations in Ukraine, they have big centres in Eastern European countries such as Hungary, Romania, Poland and the Czech Republic, where business continuity plans are being activated.
Tech Mahindra launches TechMVerse: IT services firm Tech Mahindra has launched TechMVerse, its metaverse practice, which will allow its customers to create immersive experiences and transact in the metaverse. The company will build on its 5G and infrastructure capabilities to build this platform, in partnership with hyper-scalers and startups.
Urban Company to allot Rs 150 crore in stock options to gig workers
Urban Company said on Wednesday that it will allot stock options in the company worth Rs 150 crore to its gig workers – who comprise plumbers, electricians, cleaners, groomers and so on – through a ‘partner stock ownership plan’ (Psop). Founder Raghav Chandra told ET that the Psop would be similar to employee stock option plans (Esops) of companies across the world that use stock options to reward employees.
How will it work? Under the plan, the company will allot shares worth Rs 150 crore to thousands of service partners over the next five to seven years. It will set up a trust to manage the Psop and the stock options will be alloted to gig workers over and above what they already earn. The company said it has received board approval for the first tranche of stock options worth Rs 75 crore, which are to be disbursed over the next three to four years.
Who is it for? The Psop is only for India, where the company employs more than 32,000 gig workers. It also operates in Australia, Singapore, the UAE and Saudi Arabia.
Global tech groups express ‘strong concern’ over India’s data bill
Global technology groupings have come together to express their “strong concern” over the recommendations of a Joint Committee of Parliament on the Data Protection Bill. The recommendations “run counter to global standards” for data protection and competition, the associations – whose members include Microsoft, Apple, Amazon, Google and Dell – wrote in a letter to Union Minister of Electronics & Information Technology Ashwini Vaishnaw on Tuesday.
The absence of a formalised and robust public debate on these new provisions deviates from good regulatory practices, they added.
Who are the Signatories: The signatories include the US-India Business Council (USIBC), the US India Strategic Partnership Forum (USISPF), Information Technology Industry Council (ITI), Business Europe and The Japan Electronics and Information Technology Industries Association (JEITA).
Y Combinator’s top companies list
The list contains both public and private companies, which are valued at $150 million or more, and are sorted by their valuation as of February 2022. Y Combinator said 99 new companies joined the list since its last update in July 2021.
Curated by Judy Franko in Delhi. Graphics and illustrations by Rahul Awasthi.
That’s all from us this week. Stay safe.
