Published: Wed, June 28, 2017
Business | By Max Garcia

Ransomware hits servers across Europe

Aram... reports suggest these attacks are similar to the WannaCry ransomware attacks seen last month...

A major ransomware attack on Tuesday hit computers at Russia's biggest oil company, the country's banks, Ukraine's worldwide airport as well as global shipping firm A.P. Moller-Maersk.

The U.S. -based pharmaceutical company Merck also said it was hit.

'Companies are just not doing what they are supposed to do to fix the problem.

WannaCry was the first major attack using tools developed from the NSA's EternalBlue toolkit that were made available to the world following a leak published by Wikileaks.

"It's like WannaCry all over again", said Mikko Hypponen, chief research officer with Helsinki-based cyber security firm F-Secure.

Major firms across Europe have been hit by a massive cyber attack, a media report said.

The malware promises to provide a specialized key to users who pay a ransom of $300 in bitcoins - the same ploy used by the WannaCry ransomware, which affected computers in more than 150 countries. "All businesses should immediately update their Windows operating system with the latest security patches and there are instructions on the ACSC website to do this", he maintained according to Australian Financial Review.

However he described the attacks as a "wake-up call" and said small businesses needed to take urgent action to improve their cyber security.

The global cyberattack, now spreading from Russian Federation and Ukraine to Europe and the U.S., is "more unsafe and intrusive" than WannaCry - the ransomware that hobbled institutions such as FedEx and Britain's National Health Service, the Singapore Computer Emergency Response Team (SingCERT) said on Wednesday. It advised victims not to pay the extortion, saying that doing so does not guarantee access will be restored. But, security experts have said that Petya might not have a kill switch, which means that it might be harder to stop.

The attack targeted around 2,000 computers in around a dozen countries including the UK, US, France and Germany.

It came as Russian oil giant Rosneft said its servers had suffered a "powerful" cyberattack.

Ukrainian Deputy Prime Minister Pavlo Rozenko said the government's computer network went down and the central bank reported disruption to operations at banks and firms including the state power distributor. Perhaps you are busy looking for a way to recover your files, but don't waste your time.

The number of companies and agencies reportedly affected by the ransomware campaign was piling up fast, and the electronic rampage appeared to be rapidly snowballing into a real-world world crisis.

Hutchins added: "Unlike most ransomware, Petya encrypts after reboot so if you're infected the files will not be encrypted until the machine is rebooted (the malware sets a schedule task to automatically reboot after 1h, but you can simply shut down before then to prevent encryption if you know you're infected)".

The threat does not have "a known, viable external spreading mechanism - such as the Internet", so "it is possible that some infections may be associated with software update systems for a Ukrainian tax accounting package called MeDoc", according to Williams.

Like this: