Major ransomware attack underway again!

Companies across the globe are reporting that they have been struck by another major ransomware cyber-attack.

British advertising agency WPP is among those to say its IT systems have been disrupted as a consequence.

Ukrainian firms, including the state power company and Kiev’s main airport were among the first to report issues.

The Chernobyl nuclear power plant has also had to monitor radiation levels manually after its Windows-based sensors were shut down.

Experts suggest the malware is taking advantage of the same weaknesses used by the Wannacry attack last month.

The ransomware was called Petya and the updated version Petrwrap.

French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft have also been effected.

The food giant Mondelez, legal firm DLA Piper and Danish shipping and transport giant AP Moller-Maersk also said their systems had been hit by the malware.

WPP said in a statement that the computer systems at several of its subsidiary companies had been affected, adding that it was “assessing the situation and taking appropriate measures”.

In an internal memo to staff, one WPP firm said it was the target of “a massive global malware attack, affecting all Windows servers, PCs and laptops”. It warned employees to turn off and disconnect all machines using Windows.

Andrei Barysevich, a spokesman for security firm Recorded Future, told the BBC that it had seen the malware for sale on many forums over the last 12 months.

“It only costs about £20 to £25 on the forums,” he said. “But we are not sure if they used the latest version or a new variant of it.

Mr Barysevich said the attacks are not going to stop because cyber-thieves are making a huge amount of money from them.

Only last week, a South Korean website hosting firm just paid $1m to get their data back and that’s a massive incentive to anyone.

A bitcoin wallet associated with the outbreak has received several payments since the outbreak began. The wallet currently holds 1.5 bitcoins – equivalent to $3,500.

Analysts at cyber security firm Kaspersky Labs said they had traced the infections to “a new ransomware that has not been seen before”. The “NotPetya” attack had hit 2,000 users in Russia, Ukraine, Poland, France, Italy, the UK, Germany and the US, Kaspersky said.

Last month’s WannaCry or WannaCrypt ransomware attack affected more than 230,000 computers in over 150 countries, with the UK’s national health service, Spanish phone giant Telefónica and German state railways among those hardest hit.

In Ukraine, the central bank said an “unknown virus” was to blame for the latest attacks. “As a result of these cyber-attacks, these banks are having difficulties with client services and carrying out banking operations,” it said in a statement.

Ukraine has blamed Russia for previous cyber-ttacks, including one on its power grid at the end of 2015 that left part of western Ukraine temporarily without electricity. Russia has denied carrying out cyber-attacks on Ukraine.

Nicolas Duvinage, head of the French military’s digital crime unit, told Agence France-Presse the attack was “a bit like a flu epidemic in winter”, adding: “We will get many of these viral attack waves in coming months.”

Some security experts have even suggested the attack could be bigger than the Wannacry attack, which spread across the world in May. That was most famous for hitting the NHS and locking down computers across hospitals and doctors surgeries, but it also hit other major companies internationally.

Seventeen shipping container terminals run by APM Terminals have been hacked, including two in Rotterdam and 15 in other parts of the world, Dutch broadcaster RTV Rijnmond reported on Wednesday.

APM Terminals is a subsidiary of shipping giant Maersk , which has confirmed it is suffering from a cyber attack.

APM’s website was difficult to reach and phones at its headquarters in The Hague and offices in Rotterdam went unanswered.

As an IT Security company, Colins IT highly recommend implementing Heimdal security if you have not already. This is a piece of software that protects your web traffic from malware being downloaded. It blocks known malware sources. It keeps your software applications up to date. Our Kabuto application ensure that windows updates are installed and up to date.

Unfortunately, you have to spend money on your security. We live in an age where it is imperative to secure yourself. It is not a case of if but when you are going to be hit. As a business owner, I spend money on our own security because I can’t afford for our systems to be hacked and data encrypted. It’s not a risk I am willing to take.

Contact us if you need any advice or help.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.