Firms across world hit by huge 'Peyta' cyber-attack

Share

Early reports indicated the virus affected major companies in Russian Federation and Ukraine as well as the world's largest shipping firm, Maersk, according to the affected companies and government sources.

The attack has hit Ukraine particularly hard.

The global cyber attack is caused by ransomware which holds computers ransom in exchange for a specific amount of money - in this case Bitcoin.

"The ultimate goal of the cyberattack was to try to destabilize", Gerashchenko said in a Facebook post, claiming that the attacks probably came from Russian Federation.

The origins of the malware remain unclear.

Major global firms reported that they had been targeted, including British advertising agency WPP, Russian oil and gas giant Rosneft and Danish shipping firm Maersk.

The attack is looking increasingly worrying because now only 20 out of 61 registered anti-virus softwares are picking the Petya virus up, according to virus analysis tool VirusTotal. "Anybody running Operating Systems that have not been patched for the vulnerability WannaCry exploited could be vulnerable to this attack".

"We have been in contact with our Five Eyes partners and the national cyber security centres in those countries to get a good sense as to what is occurring".

The hack's scale and the use of ransomware quickly recalled the massive May cyberattack in which hackers likely linked to North Korea disabled computers in more than 150 nations using a flaw that was once incorporated by the National Security Agency's surveillance tool kit. "We are now assessing the situation", Maersk said in a statement on Twitter.

"A massive ransomware campaign is now unfolding worldwide", said Romanian cybersecurity company Bitdefender, where analyst Bogdan Botezatu said that it appeared to be almost identical to GoldenEye, one of a family of hostage-taking programs that has been circulating for months. "Victims are reporting that a variant of the Petya ransomware is responsible; Petya is a well-understood ransomware type that we have reported on since 2016". Perhaps you are busy looking for a way to recover your files, but don't waste your time.

If it is still in the first stage of infection - when the user has not rebooted following the virus-triggered error message - then malware software will be able to remove the virus without damage to files.

"Our preliminary findings suggest that it is not a variant of Petya ransomware as publically reported, but a new ransomware that has not been seen before", he added.

An advisor to Ukraine's interior minister said the virus got into computer systems via "phishing" emails written in Russian and Ukrainian, created to lure employees into opening them.

"IT systems in several WPP companies have been affected by a suspected cyber attack", said WPP on its official Twitter account.

The Petya ransomware has been around for more than a year and normally spreads through spam emails carrying infected attachments.

Some radiation checks at the Chernobyl nuclear disaster site in Ukraine were being carried out manually on Tuesday after a wave of cyber attacks that hit Ukrainian institutions affected operations there, a state agency said.

Share