Cyberattack hits corporates
Property arm of France’s biggest bank, BNP Paribas, among the targets
A GLOBAL cyberattack has hit the property arm of France’s biggest bank, BNP Paribas, one of the largest financial institutions known to be affected by an extortion campaign that started in Russia and Ukraine.
The worldwide attack has disrupted computers at Russia’s biggest oil company, Ukrainian banks and multinational firms with a virus similar to the ransomware that infected more than 300 000 computers last month.
The attack hit BNP’s Real Estate subsidiary, a BNP Paribas spokeswoman told Reuters, after a source familiar with the matter had said that the computers of some staff were blocked on Tuesday because of the incident.
“The necessary measures have been taken to rapidly contain the attack,” she said.
BNP Paribas Real Estate provides advisory, property and investment management and development services, mostly in Europe. It employed 3 472 staff at the end of last year, with operations in 16 countries, and had €24 billion (R354bn) in assets under management.
Many of the companies affected globally by the cyber attack have links to Ukraine, although there is no indication that this was the case for BNP. It owns a bank in the country.
France’s financial sector regulator, ACPR, remained vigilant, but there were no alerts concerning the banks it supervised, it said in a statement.
Among BNP’s peers, France’s Société Générale told Reuters this week it was not affected by the attack. Credit Agricole and BPCE both declined to comment.
Reverberations from the attack continued yesterday, with shipping giant AP Moller-Maersk, which handles one in seven containers shipped worldwide, telling Reuters it was unable to process new orders after being hit by the cyberattack.
Among other French companies, retailer Auchan said Tuesday’s cyberattack had hit terminal payments in its stores in Ukraine, but the incident was now over.
French construction and building materials group St Gobain said its systems were gradually returning to normal after the company fell victim to the cyberattack.
The ransomware virus includes code known as “Eternal Blue”, which cybersecurity experts widely believed was stolen from the US National Security Agency. If one computer in a network is infected, the virus can spread rapidly. The virus crippled computers running Windows by encrypting hard drives and overwriting files, then demanded $300 (R3 906) in bitcoin payments to restore access.