New cyberattack hits Europe and US

Share

IT systems at the Irish operations of three worldwide companies were affected by a major new global cyber attack on Tuesday.

Computer experts were calling the computer virus "Petya", and said that it was similar to the WannaCry attack that spread like wildfire across much of Asia and Europe.

Reminiscent of the WannaCry epidemic last month that affected 99 countries, this virus attacks the operating system through its Server Message Block protocol (SMB), encrypting data and then demanding a ransom to unlock it.

Cyber researchers have tied the vulnerability exploited by Petya to the one used by WannaCry - a weakness discovered by the NSA years ago that the agency turned into a hacking tool dubbed EternalBlue.

While several researchers identified the virus as a derivative of the "Petya" ransomware, Kaspersky Lab, which congressional sources told ABC News is itself under Federal Bureau of Investigation scrutiny, disputed that assessment, concluding that the virus was "a new ransomware that has not been seen before" and dubbing it "NotPetya".

A spokesperson from the UK National Cyber Security Centre (NCSC), an off-shoot of signals intelligence agency GCHQ who are responsible for probing attacks and breaches, said: "We are aware of a global ransomware incident and are monitoring the situation closely".

Britain's WPP, the world's biggest advertising company, said on Tuesday that computer systems within several of its agencies had been hit by a suspected cyber attack.

A new cyber attack similar to WannaCry is spreading from Europe to the US, hitting port operators in NY and Rotterdam, disrupting government systems in Kiev, and disabling operations at companies including Rosneft PJSC and advertiser WPP Plc.

Taylor Swift Congratulates Russell Westbrook on MVP Award in Twitter Video
D'Antoni, who also won the award while coaching Phoenix, followed Rockets guard Eric Gordon's win for Sixth Man of the Year. Aside from the MVP award, Russell Westbrook also got the Best Style Fan Award and the Game Winner of the Year Fan Award.

Among the other victims: Food conglomerate Mondelez, Danish shipping company A.P. Moller-Maersk, and German logistics company Deutsche Post, among others. IT systems in multiple sites and business units remained down, but company officials didn't say how the outrages were affecting operations.

Companies don't patch for a variety of reasons: their machines don't support the patch, it's too expensive to do it, it might disrupt their services or they simply forget about an outdated computer on their network. "Threat mitigation, as well as bringing the perpetrators of cyber attacks to justice, are the FBI's top priorities".

The ransomware used in the attacks is a variant of Petya called GoldenEye, which was sold on underground forums used mainly by Russian-speaking criminal hackers, he said.

Early reports indicated the virus affected major companies in Russian Federation and Ukraine as well as the world's largest shipping firm, Maersk, according to the affected companies and government sources. Ukraine was the first to report these attacks, as the National Bank of Ukraine released a statement.

Microsoft is continuing to investigate the latest cyberattack and will take necessary steps to protect customers, the spokesperson said. The Ukrainian prime minister called the attack "unprecedented" but said that "vital systems haven't been affected".

The virus is "spreading around the world, a large number of countries are affected", Costin Raiu, a researcher at the Moscow-based computer security firm Kaspersky Lab said via Twitter.

"It's more harmful to the organization that it affects, but because it's not randomly spreading over the internet like WannaCry, it's somewhat contained to the organizations that were connected to each other", Kalember said.

Global ad agency WPP has been hit by the same attack.

Share