Petya: The Latest  Global Ransomware Incident

The UK’s National Cyber Security Centre  (NCSC) says it is aware of a cyber-attack spreading around the world amid fears of disruption to infrastructure including banking and transport.

“We’re aware of the global ransomware incident and are monitoring the situation closely,” said a spokesperson, advising members of the public and businesses to check its website for guidance on keeping their systems secure.

British advertising firm WPP said IT systems in several of its companies were affected by the attack, as Maersk employees were sent home from its offices in Berkshire.

The first reports came from Ukraine where state infrastructure including government-owned banks, energy firms, transportation and ministers’ computers were hit by the ransomware. Russian oil giant Rosneft, the world’s largest shipping company Maersk and firms in India and Norway were among those affected.

Infected computers display a message demanding a payment of $300 (£235) in Bitcoin to re-gain access to encrypted files.
The Swiss Government’s Reporting and Analysis Centre said the Petya virus was believed to be responsible and was spreading by “exploiting the SMB (Server Message Block) vulnerability”.

Petya was previously blamed for disrupting systems in 2016 and works similarly to the WannaCry ransomware that infected more than 230,000 computers in 150 countries last month.

Maersk said its IT systems were down across “multiple sites and businesses due to a cyber-attack” that could affect its global operations. Employees at Maersk’s main UK office in Maidenhead said all staff had been locked out of their computers and sent home for the day.The Danish business conglomerate is the largest container shipping company in the world and also operates in the oil and gas sectors. Seventeen shipping container terminals run by Maersk subsidiary APM Terminals have also been hacked, including two in Rotterdam and 15 in other parts of the world, according to Dutch television.

Norway’s national security agency said the ransomware was affecting an unnamed “international company” in the country.
Rosneft, a Russian government-owned oil firm, said it was also targeted by a “massive hacker attack” on its servers, as was steel maker Evraz.

Ukraine’s national bank, state power company and largest airport were among the targets first reported targets.
Rozenko Pavlo, the deputy Prime Minister, said he and other members of the government were unable to access their computers.

Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies. The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected along with financial firms. 
“As a result of cyber-attacks, these banks have difficulties with customer service and banking operations,” a statement said.
“The National Bank is confident that the banking infrastructure's defence against cyber fraud is properly set up and attempted cyber-attacks on banks' IT systems will be neutralised.”

Computers and departure boards for Boryspil International Airport in Kiev, the largest in Ukraine, were also down.
The Ukrposhta state postal service, television stations and transport were affected by the attack, which left Kiev metro passengers unable to pay using bank cards. Many ATMs were disabled, displaying the message left by hackers, as were tills in supermarkets.

Ukraine's Prime Minister later described the attack as “unprecedented” but said “vital systems haven't been affected”.
 “Our IT experts are doing their job and protecting critical infrastructure, Volodymyr Groysman added.
"The attack will be repelled and the perpetrators will be tracked down."

Ukraine has blamed Russia for repeated cyber-attacks targeting crucial infrastructure during the past three years, including one on its power grid that left part of western Ukraine temporarily without electricity in December 2015.
Russia has denied involvement and the orchestrators of the attack were not known, although onlookers estimated they could make billions of dollars from the hack.

The UK’s Parliament was attacked on Friday 23rd June that compromised up to 90 accounts as part of efforts to access the accounts of MPs, peers and their staff by searching for weak passwords.

The growth of global cyber-attacks, including those targeting the election campaigns of Hillary Clinton and Emmanuel Macron, have sparked warnings of a permanent war on-line. 

Guillaume Poupard, director general of the National Cybersecurity Agency of France (ANSSI) said intensifying attacks were coming from unspecified states, as well as criminal and extremist groups.
“We must work collectively, not just with two or three Western countries, but on a global scale,” he added, saying attacks could aim at espionage, fraud, sabotage or destruction.
“We are getting closer, clearly, to a state of war that could be more complicated, probably, than those we've known until now.”

Independent

You Might Also Read:

Power Companies Cyber ‘Nightmare’:

WannaCry Prompts Microsoft Updates … And A Warning:

 

 

« Facebook Deploys AI To Block Terror Propaganda
EU Fines Google $2.7 Billion »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

National Cyber Security Centre (NCSC) - Norway

National Cyber Security Centre (NCSC) - Norway

NCSC is part of the Norwegian Security Authority, and is Norway's national cyber security hub and the national CERT.

Direct Recruiters Inc

Direct Recruiters Inc

Direct Recruiters is a relationship-focused search firm that assists IT Security and Cybersecurity companies with recruiting high-impact talent.

Komodo Consulting (KomodoSec)

Komodo Consulting (KomodoSec)

Komodo Consulting specializes in Penetration Testing and Red-Team Excercises, Cyber Threat Intelligence, Incident Response and Application Security.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Workz Group

Workz Group

Workz connects and protects mobile subscribers of today and tomorrow by providing secure removable or embedded SIMs and remote provisioning solutions for consumer, M2M and IOT devices.

MPC Alliance

MPC Alliance

A consortium of developers and practitioners of multiparty computation (MPC), committed to accelerating market awareness and adoption of MPC to increase the security and privacy of online services.

AngelList

AngelList

AngelList champion startups and the people who empower them. Search tech & startup jobs, find new tech products, and invest in startups.

Nexum

Nexum

Nexum takes a comprehensive approach to security, from detecting and preventing network threats, to equipping you with the information, tools and training you need to effectively manage IT risk.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

BlockAPT

BlockAPT

BlockAPT, empowering you with an advanced, intelligent cyber defence platform. We protect our customers digital assets by unifying operational technologies against advanced persistent threats.

Grove Group

Grove Group

Grove provides businesses with the tools that work best for their unique operations, through cybersecurity and cloud services, custom software development and our big data analytics expertise.

Green Radar

Green Radar

Green Radar is a next generation cybersecurity company which combines technologies and services together to deliver Threat Detection for Emails and Deep Threat Analytics and Response.

Advania UK

Advania UK

Advania are one of Microsoft’s leading partners in the UK, specialising in Azure, Security, Dynamics 365 and Microsoft 365.

Blue Mantis

Blue Mantis

Blue Mantis is a security-first, IT solutions and services provider with a 30+ year history of successfully helping clients achieve business modernization.

Synergy Quantum

Synergy Quantum

Synergy Quantum has pioneered a proprietary suite of military-grade, quantum-secure communication technologies.