Like a criminal setting fire to a crime scene, the infamous Petya malware outbreak may have been part diversion, part cover-up of more traditional network intrusions, according to a Booz Allen Cyber4Sight technical analysis.
Petya infected thousands of networks in Ukraine and wreaked havoc on the country in late June. Since then, assessments of the malware have vacillated between ransomware, which encrypts files and demands a payment to decrypt them, and a wiper, a type of malware that irreversibly destroys the machines it infects.
At the same time, experts have theorized about the motivations of the people who carried out the attack: Were they, like most ransomware peddlers, criminals seeking to profit from ransom payments, or was Petya simply a vehicle for destruction?
It remains unclear what motivated the Petya outbreak and, to a degree, what kind of malware Petya is exactly. However, it is crystal clear that the attackers infected their victims by compromising a popular Ukrainian tax software package called MEDoc and using its update service to spread the malware, which masqueraded as a new version of MEDoc.
Based on an analysis of submissions to a popular malware repository over a period of months—including malicious MEDoc updates and tools associated with a well-established threat group—Booz Allen Cyber4Sight believes that the TeleBots threat actors may have used the Petya malware as a mechanism for wiping forensic evidence of their activities at the conclusion of a traditional network intrusion.