Ukraine crippled by recent cyberattack, India's JNPT also hit
A new and highly virulent outbreak of malicious data-scrambling software appears to be causing mass disruption across the world, hitting companies and governments in Europe especially hard
A new and highly virulent outbreak of malicious data-scrambling software appears to be causing mass disruption across the world, hitting companies and governments in Europe, especially hard.
Officials in Ukraine reported serious intrusions of the country's power grid as well as at banks and government offices, where one senior executive posted a photo of a darkened computer screen and the words, "the whole network is down." The prime minister cautioned that the country's "vital systems" hadn't been affected.
Russia's Rosneft oil company also reported falling victim to hacking and said it had narrowly avoided major damage, as did Danish shipping giant AP Moller-Maersk. "We are talking about a cyberattack," said Anders Rosendahl, a spokesman for the Copenhagen-based shipping group. "It has affected all branches of our business, at home and abroad."
The attack was confirmed to have spread beyond Europe when US drugmaker Merck, based in New Jersey, said its systems had also been compromised. The number of companies and agencies reportedly affected by the ransomware campaign was piling up fast, and the electronic rampage appeared to be rapidly snowballing into a worldwide crisis.
There's very little information about what might be behind the disruption at each specific company, but cybersecurity experts rapidly zeroed in on a form of ransomware, the name given to programs that hold data hostage by scrambling it until a payment is made.
But, Ukraine is not the only country to have been attacked by the latest ransomware bug. India as well, experienced its own share of cyber attacks. In recent reports by PTI operations at one of the three terminals of the nation's largest container port JNPT were impacted tonight as a fallout of the global ransomware attack, which crippled some central banks and many large corporations in Europe. AP Moller-Maersk, one of the affected entities globally, operates the Gateway Terminals India (GTI) at JNPT, which has a capacity to handle 1.8 million standard container units.
Also read: European firms hit by 'massive' cyber attack
"A massive ransomware campaign is currently unfolding worldwide," said Romanian cybersecurity company Bitdefender, where analyst Bogdan Botezatu said that it appeared to be nearly identical to GoldenEye, one of a family of hostage-taking programs that has been circulating for months. Some analysts were calling the new form of ransomware Petya.
It's not clear whether or why the ransomware has suddenly become so much more potent, but Botezatu said that it was likely spreading automatically across a network, without the need for human interaction. Such self-spreading software, often called "worms," are particularly feared because they can replicate rapidly, like a contagious disease.
"It's like somebody sneezing into a train full of people," Botezatu told The Associated Press. "You just have to exist there and you're vulnerable." The world is still recovering from a previous outbreak of ransomware, called WannaCry or WannaCrypt, which spread rapidly using digital break-in tools originally created by the US National Security Agency and recently leaked to the web.
"Data breaches and cyber hacks are one of the biggest risks facing business worldwide," said Michelle Crorie, a partner at law firm Clyde & Co. who specializes in cybersecurity issues. "The WannaCry attack and now Petya clearly demonstrate that hackers do not discriminate which type of business they are targeting."
This particular variant of ransomware leaves a message with a contact email; several messages sent to the address were not immediately returned.