Another month, another major cyber attack
1 July, 2017
A cyber security specialist checks live cyber threat maps and statistics at his office.
A second major cyber attack in less than two months caused havoc across the world last Tuesday and Wednesday, crippling computers or halting operations of major business from Australia to Ukraine and the US, news wires reported. As in the previous attack, a virus targeted computers running Microsoft Corp's Windows by encrypting hard drives and overwriting files, then demanded $300 in bitcoin payments to restore access.
Among those hit were Rosneft, Russia's biggest oil company, shipping giant A.P. Moller-Maersk, the property arm of French bank BNP Paribas, a Cadbury chocolate plant in Australia, Ukrainian banks, etc. The rapidly spreading computer worm appeared to be a variant of an existing ransomware family known as Petya. The cyber extortion campaign has once again underscored growing concerns that businesses have failed to secure their networks from increasingly aggressive hackers.
About 80% of all infections from the new attack were in Ukraine, with Italy second hardest hit at around 10%. Most of the international firms hit had operations in Ukraine. Moller-Maersk, which handles one in seven containers shipped worldwide and has a logistics unit in Ukraine, was not able to process new orders. BNP Paribas Real Estate, which provides property and investment management services, confirmed it had been hit but declined to specify how widely it had affected its business.
Rosneft, one of the world's biggest crude producers by volume, said its systems had suffered “serious consequences” but said oil production had not been affected because it switched over to backup systems. Production at the Cadbury factory in Tasmania was halted late last Tuesday after computer systems went down. Among the US targets were the Merck pharmaceutical company in New Jersey; a major multinational law firm, DLA Piper; and the Mondelez food company.
Several security experts questioned whether the effort to extort victims with computers hit by the virus was the main goal, or whether the unknown hackers behind the attack could have other motives. Some said they believe The Shadow Brokers hacker group is tied to the Russian government, and that the North Korean government was behind the previous cyber attack with WannaCry. Both countries' governments deny charges they are involved in hacking.