Alternatively, some security experts say it is an entirely new virus.
Pharmaceutical company Merck, Danish shipper Maersk, advertising group WPP Group, Ukrainian banks, and Russian oil company Rosneft all report significant intrusions on their computer systems.
Global businesses from Europe to the U.S., including shipping giant A.P. Moeller-Maersk, advertising firm WPP Group, and Russian oil company PAO Rosneft reported significant cyberattacks Tuesday against their computer systems.
It was unclear how, or if, the attacks were related, but they spread simultaneously across Europe and into the U.S. on the heels of a global attack in May from a virus dubbed WannaCry.
Ukraine was hit by an “unprecedented” wave of cyberattacks Tuesday, the country’s prime minister said, which infected a government ministry, state telecoms, postal and transport companies, among others.
Russia’s state-controlled oil company, PAO Rosneft, said it was under a “massive hacker attack” that could have serious consequences but said its oil production hadn’t been affected.
Denmark’s shipping giant Maersk said Tuesday that its computer systems had been brought down by a cyberattack. The breakdown is affecting multiple computer systems across several business units, a Maersk spokeswoman said, adding the company was assessing the situation.
The spokeswoman said she couldn’t provide details on how the computer outage was affecting the company’s flagship business, Maersk Line, the world’s largest container operator by capacity.
Attempts to connect to the Maersk Line web site yielded the following message: “Oh no, our website is down!
The Port Authority of New York and Jersey sent out alerts Tuesday morning that said the APM Terminals facility in Elizabeth, N.J., “is experiencing system issues” and advising carriers to delay arrival until further notice.
Ukraine Hit Hard
A ransomware attack hit computers across the world on Tuesday, taking out servers at Russia’s biggest oil company, disrupting operations at Ukrainian banks, and shutting down computers at multinational shipping and advertising firms.
Cyber security experts said those behind the attack appeared to have exploited the same type of hacking tool used in the WannaCry ransomware attack that infected hundreds of thousands of computers in May before a British researcher created a kill-switch.
“It’s like WannaCry all over again,” said Mikko Hypponen, chief research officer with Helsinki-based cyber security firm F-Secure.
One of the victims of Tuesday’s cyber attack, a Ukrainian media company, said its computers were blocked and it had a demand for $300 worth of the Bitcoin crypto-currency to restore access to its files.
“If you see this text, then your files are no longer accessible, because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service,” the message said, according to a screenshot posted by Ukraine’s Channel 24.
The same message appeared on computers at Maersk offices in Rotterdam and at businesses affected in Norway.
Experts said the latest ransomware attacks unfolding worldwide, dubbed GoldenEye, were a variant of an existing ransomware family called Petya.
It uses two layers of encryption which have frustrated efforts by researchers to break the code, according to Romanian security firm Bitdefender.
“There is no workaround to help victims retrieve the decryption keys from the computer,” the company said.
Russian security software maker Kaspersky Lab, however, said its preliminary findings suggested the virus was not a variant of Petya but a new ransomware not seen before.
The WannaCry attack was a nice global warning, clearly ignored. These are the consequences.
What We Know So Far
- Major companies around the world were hit
- Companies that applied security patches were not hit
- Putin did it personally, with help from Trump
In regards to point number three, who else? Why the media is not all over this remains a mystery.
The attack on Russia’s state-controlled oil company, Rosneft, is an obvious smokescreen designed to hide Putin’s direct involvement.
By the end of the day, the Washington Post is sure to have details involving both Putin and Trump.
Who to Blame?
More seriously, companies had ample time to apply software patched. But they didn’t.
However, we need to take one step further back for the origins of these viruses.
The National Security Agency (NSA ) has its hands in the biggest ransomware cyber attack in history. The NSA found holes in the Windows operating systems and instead of alerting Microsoft it chose to exploit those holes for its own benefit.
The problem with such an approach is the NSA is not the only one who can exploit the holes.
Microsoft Blasts NSA
Pertinent Tweets from Snowden
For those who would never believe such a thing, there is always the tried and true: Blame Putin and Trump.
Mike “Mish” Shedlock