Sunday, 22 April, 2018

Europe, Ukraine targeted in massive hack attack

Nellie Chapman | 29 June, 2017, 08:56

Russia's top oil producer Rosneft has said it has been hacked, as well as Danish shipping giant A.P. Moller-Maersk and Britain's WPP-the largest advertising company in the world.

A ransomware attack has locked down corporate computers throughout Europe and the U.S., a month after the NHS and other organisations were knocked offline by WannaCry.

Another major global Cyber attack on Tuesday.

A new cyberattack similar to WannaCry has reached Asia after spreading from Europe to the USA overnight, hitting businesses, port operators and government systems.

The hack's scale and the use of ransomware quickly recalled the massive May cyber attack in which hackers likely linked to North Korea disabled computers in dozens of nations, including Ukraine, using a flaw that was once incorporated by the National Security Agency's surveillance tool kit.

It included code "Eternal Blue, ' Cyber security experts stolen from the US National Security Agency". "Companies are just not doing what they are supposed to do to fix the problem".

Ukraine and Russian Federation appeared hardest hit by the new strain of ransomware - malicious software that locks up computer files with all-but-unbreakable encryption and then demands a ransom for its release.

Steve Malone from email and data security company Mimecast said as few as six people globally had paid the ransom into the attackers' Bitcoin wallet, meaning it wouldn't be a financially successful attack.

"We are talking about a cyberattack", said Anders Rosendahl, a spokesman for the Copenhagen-based group.

APM Terminals, owned by Maersk, is experiencing system issues at multiple terminals, including the Port of NY and New Jersey, the largest port on the U.S. East Coast, and Rotterdam in The Netherlands, Europe's largest harbor.

In Australia, a Cadbury chocolate factory was hit, a trade union official said.

Dutch-based transport company TNT Express, which was taken over a year ago by FedEx, also said Tuesday that it is suffering computer disruptions.

The source of the attack is not yet clear. "The attack will be repelled, and the attackers will be detected".

Russian Federation and Ukraine are most affected with the thousands of Ransomware attack, according to security software maker Kaspersky Lab, with other countries including Britain, France, Germany, Italy, Poland and the United States. The total number of attacks was unknown. The United States was investigating the attack and determined to hold those responsible accountable, it said.

Matthew Hickley, co-founder of My HackerHouse, said if your computer does force a reboot and show the following screen, turn your PC off to halt the encryption process.

It is not now known for certain how the infection is spreading, but some researchers have taken to Twitter to claim it is using the same technique as WannaCry to target the SMBv1 EternalBlue exploit and take advantage of unpatched Windows machines.

Also at risk are embedded computer systems - for example those that run public infrastructure - which are often connected to networks but not updated.

They say that the cyber attack on the country is not a coincidence because June 28 is Ukraine's Constitution Day.

In a statement, the White House National Security Council said there was now no risk to public safety.

Rob Wainwright, executive director at Europol, said the agency is "urgently responding" to reports of the new cyber attack.

The NSA did not respond to a request for comment.

But, Ukraine is not the only country to have been attacked by the latest ransomware bug.

Ukrainian firms, including the state power company and the country's central bank, Russia's biggest oil producer Rosneft, Danish shipping company Maersk, Netherlands-based shipping company TNT and USA pharmaceutical-maker Merck have all reported issues as a result of the attack. A WPP employee who asked not to be identified said workers were told to shut down their computers. Meanwhile, Ransomware is a type of malware that blocks access to a computer or its data and demands a ransom to release it.

"Perhaps you are busy looking for a way to recover your files, but don't waste your time". It said a rogue update seeded the infection across Ukraine. One consumer lender, Home Credit, had to suspend client operations.