Petya: The Latest  Global Ransomware Incident

The UK’s National Cyber Security Centre  (NCSC) says it is aware of a cyber-attack spreading around the world amid fears of disruption to infrastructure including banking and transport.

“We’re aware of the global ransomware incident and are monitoring the situation closely,” said a spokesperson, advising members of the public and businesses to check its website for guidance on keeping their systems secure.

British advertising firm WPP said IT systems in several of its companies were affected by the attack, as Maersk employees were sent home from its offices in Berkshire.

The first reports came from Ukraine where state infrastructure including government-owned banks, energy firms, transportation and ministers’ computers were hit by the ransomware. Russian oil giant Rosneft, the world’s largest shipping company Maersk and firms in India and Norway were among those affected.

Infected computers display a message demanding a payment of $300 (£235) in Bitcoin to re-gain access to encrypted files.
The Swiss Government’s Reporting and Analysis Centre said the Petya virus was believed to be responsible and was spreading by “exploiting the SMB (Server Message Block) vulnerability”.

Petya was previously blamed for disrupting systems in 2016 and works similarly to the WannaCry ransomware that infected more than 230,000 computers in 150 countries last month.

Maersk said its IT systems were down across “multiple sites and businesses due to a cyber-attack” that could affect its global operations. Employees at Maersk’s main UK office in Maidenhead said all staff had been locked out of their computers and sent home for the day.The Danish business conglomerate is the largest container shipping company in the world and also operates in the oil and gas sectors. Seventeen shipping container terminals run by Maersk subsidiary APM Terminals have also been hacked, including two in Rotterdam and 15 in other parts of the world, according to Dutch television.

Norway’s national security agency said the ransomware was affecting an unnamed “international company” in the country.
Rosneft, a Russian government-owned oil firm, said it was also targeted by a “massive hacker attack” on its servers, as was steel maker Evraz.

Ukraine’s national bank, state power company and largest airport were among the targets first reported targets.
Rozenko Pavlo, the deputy Prime Minister, said he and other members of the government were unable to access their computers.

Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies. The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected along with financial firms. 
“As a result of cyber-attacks, these banks have difficulties with customer service and banking operations,” a statement said.
“The National Bank is confident that the banking infrastructure's defence against cyber fraud is properly set up and attempted cyber-attacks on banks' IT systems will be neutralised.”

Computers and departure boards for Boryspil International Airport in Kiev, the largest in Ukraine, were also down.
The Ukrposhta state postal service, television stations and transport were affected by the attack, which left Kiev metro passengers unable to pay using bank cards. Many ATMs were disabled, displaying the message left by hackers, as were tills in supermarkets.

Ukraine's Prime Minister later described the attack as “unprecedented” but said “vital systems haven't been affected”.
 “Our IT experts are doing their job and protecting critical infrastructure, Volodymyr Groysman added.
"The attack will be repelled and the perpetrators will be tracked down."

Ukraine has blamed Russia for repeated cyber-attacks targeting crucial infrastructure during the past three years, including one on its power grid that left part of western Ukraine temporarily without electricity in December 2015.
Russia has denied involvement and the orchestrators of the attack were not known, although onlookers estimated they could make billions of dollars from the hack.

The UK’s Parliament was attacked on Friday 23rd June that compromised up to 90 accounts as part of efforts to access the accounts of MPs, peers and their staff by searching for weak passwords.

The growth of global cyber-attacks, including those targeting the election campaigns of Hillary Clinton and Emmanuel Macron, have sparked warnings of a permanent war on-line. 

Guillaume Poupard, director general of the National Cybersecurity Agency of France (ANSSI) said intensifying attacks were coming from unspecified states, as well as criminal and extremist groups.
“We must work collectively, not just with two or three Western countries, but on a global scale,” he added, saying attacks could aim at espionage, fraud, sabotage or destruction.
“We are getting closer, clearly, to a state of war that could be more complicated, probably, than those we've known until now.”

Independent

You Might Also Read:

Power Companies Cyber ‘Nightmare’:

WannaCry Prompts Microsoft Updates … And A Warning:

 

 

« Facebook Deploys AI To Block Terror Propaganda
EU Fines Google $2.7 Billion »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

King & Spalding

King & Spalding

King & Spalding is an international law firm with offices in the United States, Europe and the Middle East. Practice areas include Data, Privacy & Security.

SecureNow Insurance Broker

SecureNow Insurance Broker

SecureNow is a commercial insurance broker based in India. Services offered include Cyber Risk insurance.

NESEC

NESEC

NESEC is a specialist in information security consulting services and solutions.

International Federation of Robotics (IFR)

International Federation of Robotics (IFR)

The International Federation of Robotics connects the world of robotics around the globe. Our members come from the robotics industry, industry associations and research & development institutes.

Array Networks

Array Networks

Array Networks, the network functions platform company, develops purpose-built systems for hosting virtual networking and security functions with guaranteed performance.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

Nextcloud

Nextcloud

Nextcloud offers offers solutions to the combined need of security and ubiquitous access to data and collaboration technology.

Cube 5

Cube 5

The Cube 5 incubator, located at the Horst Görtz Institute for IT Security (HGI), supports IT security startups and people interested in starting a business in IT security.

Semmle

Semmle

Semmle's code analysis platform helps teams find zero-days and automate variant analysis. Secure your code with continuous security analysis and automated code review.

SightGain

SightGain

SightGain is the only integrated risk management solution focused on cybersecurity readiness using real-world attack simulations in your live environment.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

Realsec

Realsec

RealSec is an international company and is a developer of encryption and digital signature systems and Blockchain for the Banking and Methods of Payment sectors, Government and Defense and Multisector

Prompt Security

Prompt Security

Prompt Security provides an LLM agnostic approach to ensure security, data privacy and safety across all aspects of Generative AI.

WaveLink

WaveLink

WaveLink offers low risk, results-oriented Engineering Services and best-of-class Technical Support Services. Areas of expertise include cyber and security engineering.

Inveo Group

Inveo Group

Inveo group is the Italian leader for the management of privacy and data protection issues.

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions is a managed security service provider that humanizes cybersecurity managed services to the Small-to-Medium Business (SMB) and Small-to-Medium Enterprise (SME) sectors.