Firms scramble to recover from wave of cyberattacks

2017-06-28 15:09
(iStock)

(iStock)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Kiev - Thousands of computer users across the globe scrambled to reboot on Wednesday after a wave of ransomware cyberattacks spread from Ukraine and Russia through Europe to the United States.

The virus, which demanded a payment worth $300 as it locked up files at companies and government agencies including the Chernobyl nuclear site, appeared similar to the WannaCry ransomware that swept the world last month, hitting more than 200 000 users in more than 150 countries.

But the new attack appeared much smaller in scale, with global cybersecurity firm Kaspersky Lab estimating the number of victims at 2 000. There was no immediate indication of who was responsible.

Some IT specialists identified the newcomer as "Petrwrap", a modified version of ransomware called Petya which circulated last year. But Kaspersky described it as a new form of ransomware.

The government of Ukraine, where the attacks were first reported and appeared most severe, said the attack had been halted, but key organisations were still reporting problems.

"The large-scale cyberattack on corporate and government networks that happened yesterday on June 27 has been stopped," the government said in a statement.

"The situation is under the complete control of cybersecurity experts and they are now working on recovering lost data," it said, adding that all "strategic enterprises" were functioning as normal.

Despite the assurances, employees at the Chernobyl nuclear site were continuing to use hand-held Geiger counters to measure radiation levels after the monitoring system was shut down by the hack.

Online arrivals and departures information for Kiev's main Boryspil airport also remained down, but its director said the hub was otherwise fully operational.

Meanwhile, systems at the major lender Oschadbank still appeared crippled, while a delivery service and energy supplier said they were also facing some difficulties.

Global spread 

The attacks started on Tuesday at around 14:00 in Kiev and quickly spread to about 80 companies in Ukraine and Russia, said cybersecurity company Group IB.

In Russia, major companies including the oil giant Rosneft said they had suffered cyberattacks at roughly the same time.

Later, multinationals in Western Europe and the United States reported that they too had been hit by the virus.

Among the companies reporting problems were global shipping firm Maersk, British advertising giant WPP, French industrial group Saint-Gobain and US pharmaceutical group Merck.

India's government on Wednesday said operations at a terminal at the country's largest container port in Mumbai, run by Maersk, were disrupted.

Windows vulnerability 

Security specialists said the cyberattacks on Tuesday exploited an already patched vulnerability in Windows software and appeared to have focused on Ukraine as a primary target.

The malware that, once in a computer, locked away data from users who were then told to pay, bore resemblances to the recent WannaCry attack. US software titan Microsoft also called the latest virus ransomware.

"Our initial analysis found that the ransomware uses multiple techniques to spread, including one which was addressed by a security update previously provided for all platforms from Windows XP to Windows 10 (MS17-010)," a Microsoft spokesperson told AFP.

After the WannaCry scourge in May, Microsoft urged users to protect machines with the MS17-010 patch.

The flaw - and the means to exploit it - had previously been disclosed in pirated documents about cyberweapons at the US National Security Agency.

So far there was no clear indication of who was behind the attack.

Some experts said it looked likely to be a criminal scam, while Ukraine suggested that its archrival Russia could have been behind the attack.

Read more on:    microsoft  |  us  |  russia  |  ukraine  |  cybercrime

Join the conversation!

24.com encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.
NEXT ON NEWS24X

Inside News24

 
/News
 

5 top leg exercises for men

Here’s our selection of the five best leg exercises that you can do in the comfort of your own home.

 
 

You won't want to miss...

WATCH: Pornhub is giving users free access to premium content this holidays
5 top leg exercises for men
10 best dressed men of 2017
How to open a beer bottle without an opener
Traffic Alerts
There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.




Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.