A "state actor" was behind the cyberattack that hit over 12,000 devices in around 65 countries on Tuesday hitting major industries from advertising to oil, according to a NATO-affiliated think-tank .
The "Petya" ransomware attack encrypted files on a computer and demanded $300 worth of the cryptocurrency bitcoin in order to unlock them. Kaspersky Lab estimates at least 2,000 targets were affected, mostly in Russia and the Ukraine, but attacks were registered in several other countries, including Germany, the U.K. and China.
Researching the attack, a NATO-affiliated research institution says it was likely launched by a state actor, or by a non-state actor with support and approval from a state, as the operation was very complex and expensive.
"The operation was not too complex, but still complex and expensive enough to have been prepared and executed by unaffiliated hackers for the sake of practice. Cyber criminals are not behind this either, as the method for collecting the ransom was so poorly designed that the ransom would probably not even cover the cost of the operation," NATO's Cooperative Cyber Defense Centre of Excellence (CCDCOE), said in a press release on Friday.