Petya: The Latest  Global Ransomware Incident

Uploaded on 2017-06-28 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The UK’s National Cyber Security Centre  (NCSC) says it is aware of a cyber-attack spreading around the world amid fears of disruption to infrastructure including banking and transport.

“We’re aware of the global ransomware incident and are monitoring the situation closely,” said a spokesperson, advising members of the public and businesses to check its website for guidance on keeping their systems secure.

British advertising firm WPP said IT systems in several of its companies were affected by the attack, as Maersk employees were sent home from its offices in Berkshire.

The first reports came from Ukraine where state infrastructure including government-owned banks, energy firms, transportation and ministers’ computers were hit by the ransomware. Russian oil giant Rosneft, the world’s largest shipping company Maersk and firms in India and Norway were among those affected.

Infected computers display a message demanding a payment of $300 (£235) in Bitcoin to re-gain access to encrypted files.
The Swiss Government’s Reporting and Analysis Centre said the Petya virus was believed to be responsible and was spreading by “exploiting the SMB (Server Message Block) vulnerability”.

Petya was previously blamed for disrupting systems in 2016 and works similarly to the WannaCry ransomware that infected more than 230,000 computers in 150 countries last month.

Maersk said its IT systems were down across “multiple sites and businesses due to a cyber-attack” that could affect its global operations. Employees at Maersk’s main UK office in Maidenhead said all staff had been locked out of their computers and sent home for the day.The Danish business conglomerate is the largest container shipping company in the world and also operates in the oil and gas sectors. Seventeen shipping container terminals run by Maersk subsidiary APM Terminals have also been hacked, including two in Rotterdam and 15 in other parts of the world, according to Dutch television.

Norway’s national security agency said the ransomware was affecting an unnamed “international company” in the country.
Rosneft, a Russian government-owned oil firm, said it was also targeted by a “massive hacker attack” on its servers, as was steel maker Evraz.

Ukraine’s national bank, state power company and largest airport were among the targets first reported targets.
Rozenko Pavlo, the deputy Prime Minister, said he and other members of the government were unable to access their computers.

Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies. The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected along with financial firms. 
“As a result of cyber-attacks, these banks have difficulties with customer service and banking operations,” a statement said.
“The National Bank is confident that the banking infrastructure's defence against cyber fraud is properly set up and attempted cyber-attacks on banks' IT systems will be neutralised.”

Computers and departure boards for Boryspil International Airport in Kiev, the largest in Ukraine, were also down.
The Ukrposhta state postal service, television stations and transport were affected by the attack, which left Kiev metro passengers unable to pay using bank cards. Many ATMs were disabled, displaying the message left by hackers, as were tills in supermarkets.

Ukraine's Prime Minister later described the attack as “unprecedented” but said “vital systems haven't been affected”.
 “Our IT experts are doing their job and protecting critical infrastructure, Volodymyr Groysman added.
"The attack will be repelled and the perpetrators will be tracked down."

Ukraine has blamed Russia for repeated cyber-attacks targeting crucial infrastructure during the past three years, including one on its power grid that left part of western Ukraine temporarily without electricity in December 2015.
Russia has denied involvement and the orchestrators of the attack were not known, although onlookers estimated they could make billions of dollars from the hack.

The UK’s Parliament was attacked on Friday 23rd June that compromised up to 90 accounts as part of efforts to access the accounts of MPs, peers and their staff by searching for weak passwords.

The growth of global cyber-attacks, including those targeting the election campaigns of Hillary Clinton and Emmanuel Macron, have sparked warnings of a permanent war on-line. 

Guillaume Poupard, director general of the National Cybersecurity Agency of France (ANSSI) said intensifying attacks were coming from unspecified states, as well as criminal and extremist groups.
“We must work collectively, not just with two or three Western countries, but on a global scale,” he added, saying attacks could aim at espionage, fraud, sabotage or destruction.
“We are getting closer, clearly, to a state of war that could be more complicated, probably, than those we've known until now.”

Independent

You Might Also Read:

Power Companies Cyber ‘Nightmare’:

WannaCry Prompts Microsoft Updates … And A Warning:

 

 

« Facebook Deploys AI To Block Terror Propaganda
EU Fines Google $2.7 Billion »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Technology Association of Georgia (TAG)

Technology Association of Georgia (TAG)

TAG's mission is to educate, promote, influence and unite Georgia's technology community to stimulate and enhance Georgia's tech-based economy.

National Cybersecurity Agency (ANCS) - Tunisia

National Cybersecurity Agency (ANCS) - Tunisia

ANCS (L'Agence Nationale de la Cybersécurité) is the national cybersecurity agency for Tunisia.

ZeroFox

ZeroFox

ZeroFox safeguards modern organizations from dynamic security risks across social, mobile, surface, deep and dark web, email and collaboration platforms.

National Information Security & Safety Authority (NISSA) - Libya

National Information Security & Safety Authority (NISSA) - Libya

NISSA is responsible for safeguarding the integrity, availability and resilienceof ICT infrastructure, resources, services and data in Libya.

RedSeal

RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events.

CyberProof

CyberProof

CyberProof aims to give clarity and confidence to businesses worldwide using a new risk-based approach to cyber security services.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

GoVanguard

GoVanguard

GoVanguard is an boutique information security team delivering robust, business-focused information security solutions.

TransUnion

TransUnion

TransUnion is a global information and insights company that makes it possible for businesses and consumers to transact with confidence.

ADVA Optical Networking

ADVA Optical Networking

ADVA is a company founded on innovation and focused on helping our customers succeed. Our technology forms the building blocks of a shared digital future and empowers networks across the globe.

Novacoast

Novacoast

Novacoast helps organizations find, create & implement solutions for a powerful security posture through advisory, engineering, development & managed services.

Sababa Security

Sababa Security

Sababa Security is the first Italian innovation cyber security vendor, that provides security products, training, and managed services to protect diverse IT and OT environments.

LegalByte

LegalByte

LegalByte is a leading provider of comprehensive legal and forensic services dedicated to addressing the complex challenges of the digital age.

Centric Consulting

Centric Consulting

Centric Consulting is an international management consulting firm with unmatched expertise in business transformation, AI strategy, cyber risk management, technology implementation and adoption. 

Safe Data Storage

Safe Data Storage

Safe Data Storage offer a fully managed, professional, secure UK-based online backup service to businesses, education and charities.

Lupasafe

Lupasafe

Lupasafe is an all-in-one cybersecurity platform for MSPs and SMEs. See all your cyber risks: From training to phishing, darkweb scans, continuous tech monitoring, AI insights, reporting & compliance.