Another Cyber Attack has taken place, as Ukraine has been hit with the biggest cyber attack in its history. This has affected and is still affecting a huge number of firms across the country. Indian, Russian and Danish firms are also showing signs of being infected by the virus.
The virus’s source isn’t known but it’s similar to the WannaCry Virus that took place back in May. It freezes the user’s computer and demands a ransom be paid in the form of Bitcoin, the online digital currency.
An email address associated with the blackmail attempt has been blocked by German independent email provider Posteo.
British advertising group WPP said its computer networks in several locations had been targeted and disrupted as a consequence.
Ukraine’s state-run companies have been hit badly in the attack, The National Bank of Ukraine has stated:
“The National Bank of Ukraine has warned banks and other financial market participants about an external hacker attack on the websites of some Ukrainian banks, as well as commercial and public enterprises, which was carried out today. As a result of these cyber attacks, banks experience difficulty in servicing customers and performing banking operations.”
Problems have also affected:
- Ukranian aircraft manufacturer Antonov, and two of its postal services.
- Russia’s biggest oil producer, Rosneft
- Danish shipping company Maersk has been infected across its container shipping, oil, gas and drilling operations. A port they run in Mumbai is among those that have halted operations.
- Mondelez a food company whose brands include Oreo and Toblerone has been infected.
- A Cadbury factory in Tasmania, Australia is affected.
- Netherlands-based shipping company TNT, has said some of their systems need “remediation”
- French construction materials company St Gobain
- US pharmaceutical-maker Merck
- The local offices of the law firm DLA Piper – a sign in the firm’s Washington DC office said: “Please remove all laptops from docking stations and keep turned off – no exceptions.”
Rozenki Pavlo, the Deputy Prime Minister for Ukraine has said he and other members of the Ukraine Government have had their computers infected, and tweeted out: “Ta-daaa! Network is down at the Cabinet of Minister’s Secretariat.”
Alan Woodward who works as a computer scientist at Surrey University said: “It appears to be a variant of a piece of ransomware that emerged last year. –The ransomware was called Petya and the updated version Petrwap” He has since updated this statement as it is no longer clear if it is a variant.
Kaspersky Lab has also reported that it believes the malware despite its similarity to Petya was a “new ransomware that hasn’t been seen before”. Kaspersky has named it NotPetya and confirmed it has detected attacks in Ukraine, Russia, UK, Italy, Germany, Poland, France and Germany.
Symantec shared a possible kill switch for the virus, stopping any infection before the virus can infect you. They have also confirmed 9 payments have been made into the Bitcoin wallet for NotPetya so far.
By creating a read-only file – named perfc – and placing it within a computer’s “C:\Windows” folder, the attack will be stopped in its tracks. Alan Woodward commented, “Even though it will make a machine ‘immune’, it would still be a carrier.”