Petya: The Latest Global Ransomware Incident
The UK’s National Cyber Security Centre (NCSC) says it is aware of a cyber-attack spreading around the world amid fears of disruption to infrastructure including banking and transport.
“We’re aware of the global ransomware incident and are monitoring the situation closely,” said a spokesperson, advising members of the public and businesses to check its website for guidance on keeping their systems secure.
British advertising firm WPP said IT systems in several of its companies were affected by the attack, as Maersk employees were sent home from its offices in Berkshire.
The first reports came from Ukraine where state infrastructure including government-owned banks, energy firms, transportation and ministers’ computers were hit by the ransomware. Russian oil giant Rosneft, the world’s largest shipping company Maersk and firms in India and Norway were among those affected.
Infected computers display a message demanding a payment of $300 (£235) in Bitcoin to re-gain access to encrypted files.
The Swiss Government’s Reporting and Analysis Centre said the Petya virus was believed to be responsible and was spreading by “exploiting the SMB (Server Message Block) vulnerability”.
Petya was previously blamed for disrupting systems in 2016 and works similarly to the WannaCry ransomware that infected more than 230,000 computers in 150 countries last month.
Maersk said its IT systems were down across “multiple sites and businesses due to a cyber-attack” that could affect its global operations. Employees at Maersk’s main UK office in Maidenhead said all staff had been locked out of their computers and sent home for the day.The Danish business conglomerate is the largest container shipping company in the world and also operates in the oil and gas sectors. Seventeen shipping container terminals run by Maersk subsidiary APM Terminals have also been hacked, including two in Rotterdam and 15 in other parts of the world, according to Dutch television.
Norway’s national security agency said the ransomware was affecting an unnamed “international company” in the country.
Rosneft, a Russian government-owned oil firm, said it was also targeted by a “massive hacker attack” on its servers, as was steel maker Evraz.
Ukraine’s national bank, state power company and largest airport were among the targets first reported targets.
Rozenko Pavlo, the deputy Prime Minister, said he and other members of the government were unable to access their computers.
Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies. The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected along with financial firms.
“As a result of cyber-attacks, these banks have difficulties with customer service and banking operations,” a statement said.
“The National Bank is confident that the banking infrastructure's defence against cyber fraud is properly set up and attempted cyber-attacks on banks' IT systems will be neutralised.”
Computers and departure boards for Boryspil International Airport in Kiev, the largest in Ukraine, were also down.
The Ukrposhta state postal service, television stations and transport were affected by the attack, which left Kiev metro passengers unable to pay using bank cards. Many ATMs were disabled, displaying the message left by hackers, as were tills in supermarkets.
Ukraine's Prime Minister later described the attack as “unprecedented” but said “vital systems haven't been affected”.
“Our IT experts are doing their job and protecting critical infrastructure, Volodymyr Groysman added.
"The attack will be repelled and the perpetrators will be tracked down."
Ukraine has blamed Russia for repeated cyber-attacks targeting crucial infrastructure during the past three years, including one on its power grid that left part of western Ukraine temporarily without electricity in December 2015.
Russia has denied involvement and the orchestrators of the attack were not known, although onlookers estimated they could make billions of dollars from the hack.
The UK’s Parliament was attacked on Friday 23rd June that compromised up to 90 accounts as part of efforts to access the accounts of MPs, peers and their staff by searching for weak passwords.
The growth of global cyber-attacks, including those targeting the election campaigns of Hillary Clinton and Emmanuel Macron, have sparked warnings of a permanent war on-line.
Guillaume Poupard, director general of the National Cybersecurity Agency of France (ANSSI) said intensifying attacks were coming from unspecified states, as well as criminal and extremist groups.
“We must work collectively, not just with two or three Western countries, but on a global scale,” he added, saying attacks could aim at espionage, fraud, sabotage or destruction.
“We are getting closer, clearly, to a state of war that could be more complicated, probably, than those we've known until now.”
You Might Also Read:
Power Companies Cyber ‘Nightmare’:
WannaCry Prompts Microsoft Updates … And A Warning: