The NotPetya attack that hit Maersk was primarily targeted at Ukraine by Russia. carried out by Iran in order to retaliate against the West for imposing economic sanctions that are hurting the Iranian economy. orchestrated by Hapag-Lloyd, a rival container shipping company looking to gain an advantage in the market. launched by hackers seeking to extract a ransom from Maersk in exchange for unlocking their computers and data. Maersk had 150 Windows domain controllers and all but one were wiped out in the NotPetya attack. The one that survived was because it was on the CEOs laptop, which was in Palo Alto because the CEO was scheduled to give a presentation at Stanford the next morning. it was on the only machine in the company that had an up to date operating system with all patches installed. it was kept in a safe in the CEOs office in Copenhagen. it was located in Ghana, where there was a power outage at the time of the attack..