WPP, Rosneft, Maersk among companies hit by new cyberattack

WPP, Rosneft, Maersk among companies hit by new cyberattack

WPP, Rosneft, Maersk among companies hit by new cyberattack

The Bitcoin wallet indicated as the pay recipient for the attackers is sitting at almost $7,000 from 27 transactions at the time this article was published, pointing to another reason ransomware attacks will continue: Companies are paying out.

The Ukrainian government appears to have been badly affected, alongside Russia's Rosneft oil company and Danish shipping giant A.P. Moller-Maersk.

"The central bank is confident that the banking infrastructure's defence against cyber fraud is properly set up and attempted cyber attacks on banks' IT systems will be neutralised", it said.

Maersk issued a similar statement, saying its IT systems "are down across multiple sites and business units due to a cyberattack".

The companies affected were hit by a type of ransomware that locks users out of the computer and demands purchase of a key to reinstate access, Group IB said.

It also recalled a ransomware outbreak last month which hit more than 150 countries and a total of more than 200,000 victims with the WannaCry ransomware.

Ukrenergo, the country's state power distributor, also says its IT system was hit, but told Reuters that no power supplies were affected.

Dubbed Petya, the ransomware freezes hard drives and demands that computer owners infected by the epidemic make a payment of $300 to unlock their data.

Experts are calling the latest attack Petya, according to The New York Times, which reports that the hackers' identities aren't known. Yet an analyst from Kaspersky Lab told NPR that the outbreak is coming from a "new ransomware we haven't seen before".

Microsoft said the virus could spread through a flaw that was patched in a security update in March. The United States was investigating the attack and determined to hold those responsible accountable, it said.

Like a previous attack that swept into more than 150 countries on May 12, Tuesday's virulent outbreak appeared to be powered by a USA cyber weapon stolen from the National Security Agency.

A Moscow-based cyber security firm, Group-IB, said it appeared to be a coordinated attack simultaneously targeting victims in Russian Federation and Ukraine. In Russia, the malware hit companies such as Mars, Nivea and Mondelez International, according to the Tass news agency.

Officials at that country's postal service and metro system in Kiev also reported hacking problems. Ukrainian Deputy Prime Minister Pavlo Rozenko Tuesday tweeted a photo of his black computer screen with a warning message, adding in a separate tweet that government offices have been paralyzed. There are also reports that some businesses in the USA have also been hit by the attack, such as the American offices of law firm DLA Piper. In a statement, it said that "in connection with the cyber attack, the Chernobyl nuclear power plant website is not working".

However, the radiation monitoring system at Ukraine's Chernobyl nuclear disaster site was taken offline.

Related news