[ALERT] NotPetya Is a Cyber Weapon, Not Ransomware | knowbe4.com


This new one, dubbed “NotPetya”, is scary… very scary! It presents itself as ransomware, but it’s not. It’s cyber warfare! No decryption key was ever made, so there is ZERO chance of ever recovering a file, even if you unwisely pay the ransom.

Yesterday morning, after monitoring this new outbreak for 24 hours, I came to the conclusion we were dealing with cyber warfare, and not ransomware. Two separate reports coming from Comae Technologies and Kaspersky Lab experts confirm this now.

NotPetya is a destructive disk wiper similar to Shamoon, which has been targeting Saudi Arabia in the recent past. Note that Shamoon actually deleted files; NotPetya goes about it slightly differently: it does not delete any data but simply makes it unusable by locking the files and then throwing away the key. The end result is the same.

Someone is hijacking known ransomware families and using them to attack Ukrainian computer systems. Guess who.

You never had a chance to recover your files. There are several technical indicators that NotPetya was only made to look like ransomware as a smoke screen:

  1. It never bothers to generate a valid infection ID
  2. The Master File Table gets overwritten and is not recoverable
  3. The author of the original Petya also made it clear NotPetya was not his work

 

Source: https://blog.knowbe4.com/notpetya-is-a-cyber-weapon-not-ransomware

 

