The head of Europol’s European Cybercrime Centre (EC3), Steven Wilson, was clear in an interview with the BBC Thursday: "Do not pay. Because you’re funding serious organized crime."
Wilson also said that last year’s Internet Organised Crime Threat Assessment found ransomware attacks to be the top digital threat facing the European Union.
But the attack that started in Ukraine Tuesday has been widely reported to be malware disguised as ransomware, meaning that the goal of the attack was to cause damage, not necessarily to make money.
The original version of Petya is a malicious software that takes over computers and demands a Bitcoin payment of US$ 300 to regain access to files. It’s similar to the WannaCry ransomware, which affected more than 230,000 computers in 150 countries in May, The Guardian reports.
Experts are skeptical that financial criminals were behind the June 27 attack, which used an updated version of Petya also being called NotPetya or Nyetya, Wired reports.
"This is definitely not criminal. It is more likely state-sponsored," said Roman Boyarchuk, the head of the Center for Cyber Protection within Ukraine’s State Service for Special Communications and Information Protection.
Ukrainian officials are pointing a finger at Russia, as they have for past cyber-attacks, The New York Times reported.
Wilson, the EC3 head, said Europol has not yet traced the source of the attack, and that it will merit an "extremely complex global investigation."
Ukraine was disproportionately affected by the Petya imitator – several government ministries, the central bank, state postal service, national railway company and Kiev’s main airport were all hit.
But while 60 percent of the victims were located in Ukraine, the next hardest-hit country was Russia, followed by Poland, Italy and Germany, Deutsche Welle reported.
The current tally is that a total of 64 countries were impacted, including the United States, according to a roundup by The New York Times.