Here comes another huge ransomware attack, almost on the lines of the WannaCry ransomware outbreak, which lashed across over 150 countries in mid-May. This new ransomware, the outbreak of which has reportedly begun from Ukraine, is fast spreading to other countries across the globe as well. As per experts, this ransomware is a new variant, an “updated variant” of a malware strain known as Petya ransomware attack or Petrwrap.
Reported to be the biggest malware hack to strike Ukraine, this ransomware has already impacted many leading organizations across Europe. As for Ukraine, it’s reported that the list of those impacted includes the government, banks, state power facility as well as the airport and metro system in the capital city of Kiev. Having spread to other countries, it has reportedly affected British advertising giant WPP, French construction materials company Saint-Gobain, Russian steel and oil firms Evraz and Rosneft, the food giant Mondelez, legal firm DLA Piper and Danish shipping and transport giant AP Moller-Maersk.
Maersk has already acknowledged that its operations have been hit, with a tweet that says- “We confirm some Maersk IT systems are down. The safety of our customers’ business and our people is our top priority. Updates to follow.”
WPP has tweeted – “IT systems in several WPP companies have been affected by a suspected cyber attack. We are taking appropriate measures & will update asap.”
The British British National Cyber Security Centre meanwhile has released a statement, which includes a “ransomware guidance for organisations” and which also states- “We are aware of a global ransomware incident and are monitoring the situation closely.”
Some experts feel that this attack could end up being bigger than the WannaCry attack. Of course, the initial reports were suggesting that the attack was a coordinated hack, targeting Ukraine and Russia. Anyway, there’s no clear idea as to how it began and how it has spread to other countries as well. Experts are also not confident about resolving the issue either; they don’t yet know whether it would be possible to mitigate the effects of the attack.
The Petya ransomware attack has spread from Ukraine to different parts of Europe (Spain, Netherlands, Denmark etc) and to India as well. It’s reported that the hackers behind this malware are asking for a ransom of $300 in Bitcoin. It’s also reported that they have already started getting their payment and that the ransom payment this time happens faster than it happened with WannaCry.
Well, as for WannaCry, it was a Killswitch that it had which helped curb it. But with the Petya ransomware attack, it won’t be that easy to curb it since the malware doesn’t seem to have a Killswitch. Analysts and experts are coming up with various observations regarding how it spreads. While some say that it spreads using the CVE-2017-0199 Office RTF vulnerability, some others say that it is spreading via a malicious update of the MEDOC accounting software. Well, let’s wait for a confirmation of the same. Meanwhile, the best thing to do would be to maintain safe practices including using security software, taking backups, keeping software updated and upgraded, staying wary of phishing e-mail/links etc.
Author Bio: Rachel Weisz is a technical blog writer. She writes about Hacking News, information on Technology, the Internet, Networking, and Security.