Germany's BSI Says Petya Malware Used in Cyber Attacks

Share

Germany's BSI Says Petya Malware Used in Cyber Attacks

Ukrainian Deputy Prime Minister Pavlo Rozenko said the government's computer network went down and the central bank reported disruption to operations at banks and firms including the state power distributor.

Russian state oil companies Rosneft and Bashneft were affected, as were Danish shipping conglomerate Maersk, British advertising agency WPP and Dutch shipping company TNT Express. The radiation monitoring system at Chernobyl was taken offline, forcing employees to use hand-held counters to measure levels at the former nuclear plant's exclusion zone.

Spanish food giant Mondelez is among those hit, with its shutdown of all IT systems reportedly affecting the Cadbury factory it operates in Hobart.

"A massive ransomware campaign is now unfolding worldwide", said Romanian cybersecurity company Bitdefender.

The widespread cyberattack apparently targeting Ukraine rippled across Europe and spread to computer systems of banks and major companies in Russia, Britain and elsewhere, according to the report.

How far has the ransomware spread?

It included code "Eternal Blue, ' Cyber security experts stolen from the US National Security Agency".

Infected computers display a message demanding a Bitcoin ransom worth $300.

He also said that tech security firms' stock prices will rise as witnessed by Sophos and Trend Micro back in May.

According to Mr. Patanmi, the malware is spreading using a vulnerability in Microsoft Windows that was patched in March 2017 - the same bug that was exploited by the WannaCry ransomware. "It's like WannaCry all over again", said F-Secure Chief Research Officer Mikko Hypponen.

Ukrainian officials confirmed a possible link to MeDoc.

APM Terminals, owned by Maersk, is experiencing system issues at multiple terminals, including the Port of NY and New Jersey, the largest port on the US East Coast, and Rotterdam in The Netherlands, Europe's largest harbour.

Australian staff of global law firm DLA Piper Ltd were quoted telling domestic media they were shut out of their computer systems because of the attack.

The ransomware also hurt Australian branches of worldwide companies.

The Nigeria Information Technology Development Agency, NITDA, on Sunday alerted Nigerians to the emergence of another deadly cyber-attack, "Petya" ransomware.

Further analysis by Russian-based Kaspersky Labs instead concludes that the guilty ransomware was completely brand new, although it does have some commonality with Petya.

Also at risk are embedded computer systems - for example those that run public infrastructure - which are often connected to networks but not updated.

It has been reported that Petya is also referred to as NotPetya.

The attack targeted around 2,000 computers in around a dozen countries including the UK, US, France and Germany.

The Jawaharlal Nehru Port (JNPT) near Mumbai in Maharashtra is believed to be one of the first places in India to report a Petya infection.

The ransomware demand seen on screens read: "Your files are no longer accessible because they have been encrypted". If the victim pays, the authors of the Petya ransomware, who call themselves Janus Cybercrime Solutions, get a cut of the payment. The NSA has however not claimed responsibility for any of the attacks that has crippled system.

Share

Advertisement

© 2015 Leader Call. All Rights reserved.