The recent malware attack, named 'NotPetya' which crippled at least 2,000 targets across the world, had NATO announce that the cyber attack was an attack by a 'state actor' or a group with state approval on 30 June.
The attack which was initially seen to resemble the WannaCry ransomware was later found to be much worse as once a system was affected by it, the malware would erase all data on the system and did not have the ability to decrypt data after having encrypted it. The attack, however, appeared to primarily target Ukrainian infrastructure, including an electricity supplier, the central bank, the state telecom, and an airport, as reported by The Verge.
The statement by NATO's Cooperative Cyber Defence Centre of Excellence (CCD COE) allows the cyber attack, which affected 60 countries, to be interpreted as an act of war, compelling allied nations to take action accordingly. The reaction is triggered by what is known as Article 5 of the Washington Treaty. The highlight of which, states that "collective defence means that an attack against one Ally is considered as an attack against all Allies."
“NotPetya is a sign that after WannaCry, yet another actor has exploited vulnerability exposed by the Shadow Brokers. Furthermore, it seems likely that the more sophisticated and expensive NotPetya campaign is a declaration of power, demonstration of the acquired disruptive capability and readiness to use it,” said Lauri Lindström, a researcher at NATO CCD COE Strategy Branch in the statement.
The statement also said, "The operation was not too complex, but still complex and expensive enough to have been prepared and executed by unaffiliated hackers for the sake of practice. Cyber criminals are not behind this either, as the method for collecting the ransom was so poorly designed that the ransom would probably not even cover the cost of the operation."