
The attacks have more similarities than differences.

First, to correct a common misconception, NotPetya definitely wasn't ransomware run amok. It was designed to look like the previously popular Petya ransomware, but the actual ransom and decryption key processing mechanism was removed, as that wasn't its purpose. It was masquerading as ransomware, but it wasn't ransomware; it just destroyed data by encrypting it with a non-recoverable key.

Just like SolarWinds, NotPetya was also a targeted supply chain attack. It was deployed through updates from a previously hacked accounting/tax software company, "Intellect Service", to all their customers in Ukraine, which also included many multinational companies that had their finance depts file tax reports in Ukraine. And just like SolarWinds, NotPetya is attributed to the Russian government.

The main difference is that, as you say, it seems that SolarWinds was (at least at the stage it was detected) used only for espionage, while NotPetya was designed for pure destruction.

Definitely correct in that NP originated as a supply chain attack on that vendor in Kiev; I had forgotten that, good catch.

NP, as Maersk and co. experienced, was definitely rware (a variant, sure) run amok, however. It's industry consensus that the attacker either a) didn't think of the possible global blast radius or b) thought of the blast radius but didn't plan for how bad it would get.

In a sense, SW might reflect a more mature approach: consider the network spread, and use a different exploit and intent, spyware for espionage vs. a rware variant for destruction.

That said, very different exploits and intents were used.
