Cyber security experts say a ransomware computer virus first reported in the Ukraine and Russia, and which is now spreading throughout the world, uses the same computer hacking exploit as did the WannaCry virus which crippled hundreds of thousands of computers last month.
Reports of the virus first emerged in the Ukraine when government officials signalled the country’s infrastructure ministry, state postal service, largest telephone firm and several banks were affected. An advisor to Ukraine’s interior minister said a version of the WannaCry ransomware had caused outages on government websites and those of several companies.
The next country reporting issues was Russia. Top oil producer, Rosneft, said it had been affected by a large scale cyber-attack. As was Russia’s largest steelmaker Evraz. Both companies confirmed they were hit by the global cyber-attack but that their production remained unaffected.
A supermarket in Ukraine.
The country is under cyberattack.
golub</a> <a href="https://t.co/jETUuCPcqn">pic.twitter.com/jETUuCPcqn</a></p>— Maxim Eristavi (MaximEristavi) June 27, 2017
Within hours the virus was being reported throughout Europe. In the UK, WPP, the world’s biggest advertising company said that computer systems within several of its agencies had been hit as well.
In the Netherlands, Rotterdam TV reported 17 APM shipping container terminals were hit by the hack. APM is a subsidiary of shipping giant Maersk who confirmed it was also impacted by the global attack. Two of the company’s terminals are located in the Dutch city of Rotterdam. The 15 others are dispersed throughout the world.
The Norwegian national security authority also confirmed this latest cyber-attack hit an “international company” in Norway.
This latest cyber-attack, according to both Ukrainian and Swiss officials, appears to be a ransomware attack — in which a computer’s hard drive is encrypted and its contents held for ransom.
Ukrainian officials said the cyber-attack is a modified version of the WannaCry ransomware virus which last month devastated the UK’s health service a spread world-wide.
BREAKING: ‘Petya’ cyber-attack that started in Ukraine has reached companies in Spain, India, Denmark, Russia, UK, Norway and others.— The Spectator Index (@spectatorindex) June 27, 2017
In Switzerland, officials there said a 2016 ransomware computer virus known as a Petya has re-emerged and is impacting computers throughout the world. Germany’s BSI federal cyber agency supported Switzerland’s assessment, saying early indications suggest this latest attack is the Petya virus.
At least 80 companies, including French construction materials firm Saint Gobain, have so far been infected by the virus.
Cyber security experts said the global attack, dubbed GoldenEye, is a variant of the Petya virus. It utilises the same type of exploit as did WannaCry and once it infects a computer, its files are encrypted. Files will remain encrypted unless a ransom of 300 dollars’ worth of Bitcoins is paid.
In the Ukraine, Prime Minister Volodymyr Groysman said the scale of the attack in the country was “unprecedented”, but that the country’s most important computer systems remained unaffected. Ukrainian National Security and Defence Council Secretary, Oleksandr Turchynov, said there are signs of Russian involvement in this latest cyber-attack.
Ukrainian officials say they believe the virus originated from Russia.