General News

Many firms hit by global cyber-attacks

Firms around the globe are reporting that they have been hit by a major cyber-attack.

British advertising agency WPP is among dozens of firms reporting problems.

Ukrainian firms, including the state power distributor and Kiev’s main airport were among the first to report issues.

Some experts have suggested that it could be a ransomware attack, similar to Wannacry which hit last month.

Alan Woodward, a computer scientist at Surrey University, said: “It appears to be a variant of a piece of ransomware that emerged last year.

“It was updated earlier in 2017 by the criminals when certain aspects were defeated. The ransomware was called Petya and the updated version Petrwrap.”

Andrei Barysevich, a spokesman for security firm Recorded Future, told the BBC that it had seen the malware for sale on many forums over the last 12 months.

“It only costs $28 (£22) on the forums,” he said. “But we are not sure if they used the latest version or a new variant of it.

Mr Barysevich said the attacks would not stop because cyber-thieves found them too lucrative.

“A South Korean hosting firm just paid $1m to get their data back and that’s a huge incentive,” he said. “It’s the biggest incentive you could offer to a cyber-criminal.”

Network down

Others reporting problems include the Ukrainian central bank, the aircraft manufacturer Antonov, and two postal services.

Russian oil producer Rosneft and Danish shipping company Maersk also say they face disruption, including its offices in the UK and Ireland.

“We can confirm that Maersk IT systems are down across multiple sites and business units due to a cyber-attack,” the Copenhagen-headquartered firm said via Twitter.

“We continue to assess the situation. The safety of our employees, our operations and customers’ business is our top priority.”

Spanish media reports that the offices of large multinationals such as food giant Mondelez and legal firm DLA Piper have suffered attacks.

And French construction materials company St Gobain has said that it had fallen victim.

The attacks come two months after another global ransomware assault, known as Wannacry, which caused major problems for the UK’s National Health Service.

No defence

Veteran security expert Chris Wysopal said the malware seemed to be spreading via some of the same Windows code loopholes exploited by Wannacry. Many firms did not patch those holes because Wannacry was tackled so quickly, he added.

Those being caught out were also industrial firms that often struggled to apply software patches quickly.

“These organisations typically have a challenge patching all of their machines because so many systems cannot have down time,” he said. “Airports also have this challenge.”

Copies of the virus have been submitted to online testing systems that check if security software, particularly anti-virus systems, were able to spot and stop it.

“Only two vendors were able to detect it so many systems are defenceless if they are unpatched and relying on anti-virus,” he said.

Ukraine seems to have been particularly badly hit this time round.

Reports suggest that the Kiev metro system has stopped accepting payment cards while several chains of petrol stations have suspended operations.

Ukraine’s deputy prime minister has tweeted a picture appearing to show government systems have been affected.

His caption reads: “Ta-daaa! Network is down at the Cabinet of Minister’s secretariat.”

 

 

Source: BBC

Show More

Related Articles

Leave a Reply

Back to top button