Here are two different articles with two very different conclusions as to the severity of the Petya / NotPetya outbreak that began yesterday.  One common thread is that all sources agree on the root cause / distribution method.  It is very scary to consider the implications of a compromised, yet trusted software vendor and the update processes that take place everyday from and with these vendors.

For this author’s perspective, I tend to see this outbreak as less devastating than WannaCry simply because of the lack of an active Internet worm component.  It is certainly more harmful in any given LAN that it infects, but the number of potential LAN’s to be infected is limited.

https://threatpost.com/complex-petya-like-ransomware-outbreak-worse-than-wannacry/126561/

https://www.bleepingcomputer.com/news/security/petya-ransomware-outbreak-originated-in-ukraine-via-tainted-accounting-software/