Further cyberattacks rock Europe
RUSSIA: A new wave of powerful cyberattacks hit Europe and beyond yesterday, in a possible reprise of a widespread ransomware assault in May.
Among those affected were a Russian oil giant, a Danish shipping and energy conglomerate, and Ukrainian government ministries, which were brought to a standstill in a wave of ransom demands. The virus even downed systems at the site of the former Chernobyl nuclear power plant, forcing scientists to monitor radiation levels manually.
Cyberattacks also spread as far as India and the United States, where pharmaceutical giant Merck reported on Twitter that ‘‘our company’s computer network was compromised today as part of global hack’’. The New Jersey- based company said investigating the attack.
Cyber researchers said the virus, which was linked to malware called Petrwrap or Petya, used an ‘‘exploit’’ developed by the US National Security Agency (NSA) that was later leaked on to the internet by hackers. It is the second massive attack in the past two months to turn powerful US exploits against the IT infrastructure that supports national governments and corporations.
The onslaught of ransomware attacks could be the ‘‘new normal’’, said Mark Graff, the chief executive of Tellagraff, a cybersecurity company.
‘‘The emergence of Petya and WannaCry really points out the need for a response plan and a policy on what companies are going it was to do about ransomware,’’ he said. WannaCry was the ransomware used in the May attack. ‘‘You won’t want to make that decision at a time of panic, in a cloud of emotion.’’
The attack mainly targeted Eastern Europe but also hit companies in Spain, Denmark, Norway and Britain. But the damage was worst in Ukraine.
Researchers at Kaspersky Lab’s Global Research and Analysis Team, in Russia, estimated that 60 per cent of infected computers were in Ukraine and 30 per cent in Russia.
The hacks targeted government ministries, banks, utilities and other important infrastructure and companies nationwide, demanding ransoms from government employees in the cryptocurrency bitcoin.
The hacks’ scale and the use of ransomware recalled the massive cyberattack in May, in which hackers possibly linked to North Korea disabled computers in more than 150 nations using a flaw that was once incorporated into the NSA’s surveillance tool kit.
The initial infection was in Ukraine and spread to Europe, said Paul Burbage, a malware researcher with Flashpoint, a cyberthreat analysis firm.
The ransomware used in the attacks was a variant of Petya called GoldenEye, which was sold on underground forums used mainly by Russian-speaking criminal hackers, he said.
Breaches were reported at computers governing Ukraine’s municipal energy company and airport in the capital, Kiev, state telecommunications company Ukrtelecom, the postal service and the State Savings Bank of Ukraine.
Grocery store checkout machines broke down, ATMs demanded ransom payments, and the turnstile system in the Kiev metro reportedly stopped working.
The mayhem reached high into the government. Ukrainian Deputy Prime Minister Pavlo Rozenko tweeted a picture of a computer screen warning in English, and his spokeswoman published a photo showing demands for a ransom in bitcoin.
Danish transport and energy conglomerate Maersk announced that its IT systems were down ‘‘across multiple sites and business units due to a cyber attack’’.
– Washington Post