Cyber attack sweeps globe, researchers see 'WannaCry' link

A major global cyber attack disrupted computers at Russia's biggest oil company, Ukrainian banks and multinational firms with a virus similar to the ransomware that infected more than 300,000 computers last month

28 June 2017, 8:04am
A message demanding money is seen on a monitor of a payment terminal at a branch of Ukraine's state-owned bank Oschadbank after Ukrainian institutions were hit by a wave of cyber attacks earlier in the day, in Kiev, Ukraine
A message demanding money is seen on a monitor of a payment terminal at a branch of Ukraine's state-owned bank Oschadbank after Ukrainian institutions were hit by a wave of cyber attacks earlier in the day, in Kiev, Ukraine
A global wave of cyber attacks exploited an already patched vulnerability in Windows software and appeared to have Ukraine as a primary target, according to computer security specialists.

The “Petya” ransomware has caused serious disruption through the US and Europe, with large firms including the advertising giant WPP, French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft being unable to unlock their computers even if they pay the ransom.

Infected computers display a message demanding a Bitcoin ransom worth $300. Those who pay are asked to send confirmation of payment to an email address. However, that email address has been shut down by the email provider. This means that there is no longer any way for people who decide to pay the ransom to contact the attacker for a decryption key to unlock their computer.

The ransomware virus includes code known as "Eternal Blue", which cyber security experts widely believe was stolen from the US National Security Agency (NSA) and was also used in last month's ransomware attack, named "WannaCry".

WannaCry was a version of ransomware that, once in a computer, locked away data from users who were then told to pay to have access returned to their own files.

The rapidly spreading cyber extortion campaign, which began on Tuesday, underscored growing concerns that businesses have failed to secure their networks from increasingly aggressive hackers, who have shown they are capable of shutting down critical infrastructure and crippling corporate and government networks.

"Cyber attacks can simply destroy us," Kevin Johnson, chief executive of cyber security firm Secure Ideas, said. "Companies are just not doing what they are supposed to do to fix the problem."

Businesses in the Asia-Pacific region reported some disruptions on Wednesday with the operations of several European companies hit, including India's largest container port, although the impact on companies and governments across the wider region appeared to be limited.

The attack was first reported in Ukraine, where the government, banks, state power utility and Kiev’s main airport and metro system were all affected. The radiation monitoring system at Chernobyl was taken offline, forcing employees to use hand-held counters to measure levels at the former nuclear plant’s exclusion zone.