Another global cyber attack was activated over the past few weeks leaving companies across Europe, Australia and the United States struggling to respond.
This outbreak may be the most sophisticated of a series of attacks initiated after hacking tools were stolen from the National Security Agency and leaked online in April. Similar to the WannaCry attacks in May, the most recent hack involves taking control of computer systems and asking users for digital ransom in order to regain access.
Here’s a very clear description of WannaCry that will give you a better idea as to how “ransomeware” works:
According to a spokesperson from Microsoft, the latest software update used to patch EternalBluethe Windows software vulnerability that caused previous attacksshould protect against this attack.
However, the companies affected may have failed to properly install it. As of Wednesday morning, the following companies had been affected:
- Ukrainian institutions that include the Infrastructure Ministry, postal service, central bank and the countrys largest telephone company
- Russian oil company Rosneft
- The worlds largest container-shipping company A.P. Moller-Maersk
- S. pharmaceutical giant Merck
- S. food company Mondelez International
- French bank BNP Paribas
- French construction materials company Saint-Gobain
- British marketing company WPP
- German railway company Deutsche Bahn
Who’s Behind the Attacks?
Although the perpetrators of this outbreak are still unknown, computer specialists have noticed similarities between the ransomware used in this attack and last years Petya attack. Like WannaCry, Petya is a quickly spreading worm that affects vulnerable systems. Unlike WannaCry, Petya has multiple ways to spread. This could explain why even victims who applied the EternalBlue patch were affected.
If the most recent attack is related to Petya, it could be far more damaging than WannaCry. Unlike WannaCry, Petya lacks a kill switch to prevent it from spreading. Also, Petya locks and encrypts entire hard drives, while WannaCry only locked individual files.
At the time of this news brief, 30 victims had paid the bitcoin ransom of $300, according to online records, but it isnt yet clear whether theyve regained access to their systems. Complicating matters, German email provider Poseo shut down the email account of the hackers in a move that could make it impossible for hackers to restore their victims computer access once ransom is paid.