Several multinational companies have been targeted in a series of cyberattacks that first struck in Russia and Ukraine. The virus, initially dubbed “Petya,” forces victims to pay in exchange for a return of their data.
Ukraine’s central bank said several domestic lenders – including the largest bank Oschadbank – had been hit on Tuesday morning, hindering operations and leading the regulator to warn other financial institutions to tighten security measures.
Kyiv’s main airport, the national power grid, the radiation-monitoring facility at Ukraine’s shuttered Chernobyl power plant, and Russian state oil giant Rosneft were also among the first to report being hit by the virus, initially dubbed “Petya” or “GoldenEye”. The attacks started around 14:00 Moscow time (11:00 UTC).
They quickly spread to 80 companies in Ukraine and Russia, and the wave was followed by attacks on Danish sea transport company Maersk, British advertising giant WPP and the French industrial group Saint-Gobain. A number of hospitals in the US were also hit.
The virus is “spreading around the world, a large number of countries are affected,” Costin Raiu, a researcher at the Moscow-based computer security firm Kaspersky Lab told the French news agency AFP.
The attacks on Russian and Ukrainian companies involved a type of ransomware that locks users out of computers and demands the purchase of a key to reinstate access, cybersecurity company Group IB told AFP.
The cryptolocker seeks $300 (280 euros) in bitcoin and does not name the encrypting program, which makes finding a solution difficult, Group IB spokesman Evgeny Gukov told AFP.
There was another similar attack in May when over 150 countries and a total of 200,000 victims were hit by WannaCryransomware.
The vulnerability in Microsoft’s Windows software was initially disclosed in documents leaked from the US National Security Agency.
Microsoft released a security patch for all platforms from Windows XP to Windows 10 (MS17-010) after tens of thousands of users were hit with the WannaCry ransomware. The MS17-010 patch should protect users from the latest cyberattack.
Ukrainian Prime Minister Volodymyr Groysman wrote on Facebook that the attacks in his country were “unprecedented.” He added that important systems had not been not affected.
Rosneft said its servers had suffered a “powerful” cyberattack but thanks to its backup system “the production and extraction of oil were not stopped.”
“To protect our data we have isolated our systems,” Saint-Gobain told AFP.
A Maersk representative told AFP that company systems are “down across all business units due to a virus.”
The fight against cyberattacks has sparked exponential growth in global protection spending, with the cyber security market estimated at $120 billion this year, more than 30 times its size just over a decade ago.
Rob Wainwright, executive director of Europol, the European Union’s law enforcement agency, wrote on Twitter that “we are urgently responding to reports of another major ransomware attack on businesses in Europe.”
Meanwhile, in France, prosecutors and the police’s cybercrime division opened an investigation into the case, probing fraudulent access to databases and extortion.
Source: jbh, dm/rc (AFP, dpa, AP) / DW