But security experts say this attack was different.
"It definitely wasn't ransomware and wasn't financially motivated," Jake Williams, founder of cybersecurity firm Rendition Infosec, tells the Post. "The goal was to cause disruption in computer networks."
Likewise, Matt Suiche, founder of cybersecurity firm Comae Technologies, writes on his website, "The goal of a wiper is to destroy and damage ... Different intent. Different motive. Different narrative."
Suiche says the perpetrator wanted to disguise the intent of the attack. "We believe the ransomware was in fact a lure to control the media narrative," Suiche writes, "... to attract the attention on some mysterious hacker group rather than a national state attacker like we have seen in the past in cases that involved wipers such as Shamoon."
Still, Reuters says Ukrainian politicians blamed Russia for the attack, even as a Kremlin spokesman dismissed "unfounded blanket accusations."
The news agency says security researchers believe one goal of the attack was to put malware onto computers in government and commercial offices in Ukraine, perhaps in preparation for future sabotage.
In the short term, The New York Times says, the attack may have been aimed at shutting down Ukraine's computer systems. The malware appeared on the eve of a holiday celebrating the country's independence and initially targeted an unlikely group: tax accountants. The Times says many of them use Ukrainian-made software that runs on computers using Microsoft Windows and was recently updated. Microsoft said in a statement it has evidence that some of the ransomware infections started in the updating process.
Experts believe the attackers would have known they could get in through the update, the newspaper adds.
The attack paralyzed thousands of computers, shut down ports, factories and offices and spread to about 60 countries, Reuters says.
A second cyber attack hit Ukrainian's state power distributor, Ukrenergo, on Thursday, but didn't affect the nation's power network, according to the news service.
Danish shipping giant A.P. Maersk-Moller was hit hard by the spread of the malware this week, but said Friday its operations are almost back to normal, The Associated Press reports.
As for those still wondering if they should pay the ransom to restore their computers, Suiche notes, "The payment email address isn't accessible anymore if victims would happen to send payments."
More about: #CyberAttacks