Maersk (NotPetya) Shutdown (2017)

The Catastrophe of Lateral Trust

Victim:

A.P. Moller-Maersk

Attacker/Malware:

Sandworm’s NotPetya

Industry:

Shipping

Estimated Cost:

Global $10B, Maersk lost $300M

Primary Attack Vector:

System Vulnerability / Backdoor

Prevention Failure:

Unsegmented networks

BlastWave Solution:

Network Cloaking and Segmentation

Kill Chain Analysis:

Wormable Exploitation and Systemic Collapse

In 2017, the NotPetya malware, attributed to Russian actors, crippled the global operations of A.P. Moller-Maersk, one of the world’s largest shipping and logistics companies.

While the initial infection point was likely part of a supply chain attack (targeting Ukrainian software), the primary vector of catastrophe was the malware’s ability to spread rapidly via wormable exploits against unpatched vulnerabilities across Maersk’s global IT network. The fundamental security flaw was the assumption of implicit trust across the vast corporate network.

The lack of internal segmentation allowed NotPetya to move laterally, quickly infecting the administrative and logistical systems necessary for port operations. The result was operational paralysis that shut down container terminals globally, forcing a catastrophic recovery effort that cost approximately $300 million and involved reinstalling 4,000 servers and 45,000 PCs over ten days.

BlastWave Prevention Analysis:

Confining Ransomware to Single Segments

Uncontrolled lateral spread is the core driver of the immense financial cost associated with NotPetya-style attacks.

BlastWave directly addresses this by applying Identity-Defined Microsegmentation (IDM) to the corporate and OT networks. Once a single machine is compromised, ransomware attempting to spread laterally (via protocols like SMB or by leveraging stolen hashes) would be blocked instantly.

This occurs because the compromised machine’s identity would not be authorized (and thus invisible) to any other system on the network. Any attempt by the malware to initiate communication with other machines would fail, as it lacks the valid, cryptographically verified identity required to establish a secure tunnel to a cloaked endpoint.

The infection would be confined to the initial infection segment, preventing the uncontrolled global operational shutdown.
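The enforcement model described above (per-device cryptographic identity, a default-deny allow-list, and cloaked endpoints that answer only verified, authorized requests), as an added example that is not BlastWave's code or a description of its product internals. Device names, segments, keys and the allow-list are constructed for the simulation; an HMAC over the requested flow stands in for the certificate-based identity proof the text refers to. The worm scenario shows why a compromised workstation's reach stays inside its own segment, and why a stolen credential hash does not substitute for the device key.

```python
"""Simulation of identity-defined microsegmentation (added example, not vendor code).

Each device holds its own secret; a request to open a tunnel carries an HMAC over
(src, dst, port) under the claimed source's key. The enforcement point verifies the
identity proof first, then consults a default-deny allow-list. Anything that fails
either check gets no reply at all (cloaking), so a sweeping worm learns nothing.
"""
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed inventory: device -> segment (stand-in for a real asset inventory).
SEGMENT_OF = {
    "ws-ops-01": "ops",
    "file-ops-01": "ops",
    "erp-app-01": "corp",
    "erp-db-01": "corp",
    "plc-gw-01": "ot",
}

# Constructed per-device secrets, derived deterministically only so the example
# is reproducible. In a real deployment these would be certificate-backed keys.
DEVICE_KEYS = {name: hashlib.sha256(b"constructed-key:" + name.encode()).digest()
               for name in SEGMENT_OF}

# Default-deny allow-list: the only flows the enforcement point will ever tunnel.
ALLOWED_FLOWS = {
    ("ws-ops-01", "file-ops-01", 445),   # workstation to the file share in its own segment
    ("ws-ops-01", "erp-app-01", 443),    # HTTPS to the ERP front end
    ("erp-app-01", "erp-db-01", 1433),   # app tier to database
}


@dataclass(frozen=True)
class TunnelRequest:
    src: str
    dst: str
    port: int
    tag: bytes  # HMAC over (src, dst, port) under the claimed source's key


def _message(src: str, dst: str, port: int) -> bytes:
    return f"{src}|{dst}|{port}".encode()


def sign_request(src: str, dst: str, port: int, key: bytes) -> TunnelRequest:
    """Build a request as a device holding `key` would."""
    tag = hmac.new(key, _message(src, dst, port), hashlib.sha256).digest()
    return TunnelRequest(src, dst, port, tag)


def evaluate(req: TunnelRequest) -> Tuple[bool, str]:
    """Identity proof first, then policy. Returns (allowed, reason) for the audit log."""
    key = DEVICE_KEYS.get(req.src)
    if key is None:
        return False, "unknown identity"
    expected = hmac.new(key, _message(req.src, req.dst, req.port), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, req.tag):
        return False, "identity proof failed"  # a stolen password hash never yields this key
    if (req.src, req.dst, req.port) not in ALLOWED_FLOWS:
        return False, "flow not authorized"
    return True, "allowed"


def respond_to(req: TunnelRequest) -> Optional[str]:
    """Cloaked endpoint: an authorized, verified request gets a tunnel; anything else gets silence."""
    ok, _ = evaluate(req)
    return f"tunnel:{req.src}->{req.dst}:{req.port}" if ok else None


def simulate_worm(compromised: str, port: int) -> List[str]:
    """A worm running on `compromised` does hold that host's key and sweeps every other device."""
    key = DEVICE_KEYS[compromised]
    return [target for target in SEGMENT_OF
            if target != compromised
            and respond_to(sign_request(compromised, target, port, key)) is not None]


def forge_with_stolen_credential(claimed_src: str, dst: str, port: int,
                                 stolen_secret: bytes) -> Optional[str]:
    """Attacker has a stolen credential hash, not the device key, and signs with that instead."""
    return respond_to(sign_request(claimed_src, dst, port, stolen_secret))


if __name__ == "__main__":
    reached = simulate_worm("ws-ops-01", 445)
    print("worm from ws-ops-01 over SMB reached:", reached,
          "segments:", {SEGMENT_OF[h] for h in reached})
    print("pass-the-hash attempt:", forge_with_stolen_credential(
        "ws-ops-01", "erp-app-01", 443, b"constructed-stolen-hash"))
```

Three things are worth noting in the audit trail this produces: the worm's SMB sweep from the compromised workstation reaches only the file share in the same segment, the same sweep launched from the ERP application server reaches nothing, and the pass-the-hash style request is dropped at the identity check before policy is even consulted.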


Take the Next Step

Reading about past failures is only useful if it changes future outcomes. If attackers can see your OT network, they can target it. If they can target it, compliance, safety, and uptime are already at risk.

BlastWave eliminates reconnaissance, initial access, and lateral movement — without agents, without downtime, and without changing IPs, protocols, or PLCs.
