by Richard Summerfield
Fresh off the heels of the ‘WannaCry’ ransomware attack, a fresh global cyber attack disrupted computers across the world on Tuesday and Wednesday. Russia's biggest oil company, Ukrainian banks and multinational firms across Europe, the US and the Asia-Pacific region were affected.
The latest attack, known as ‘Petya’ or ‘GoldenEye’, included code known as 'Eternal Blue', which cyber security experts believe was stolen from the US National Security Agency in April and was also used in WannaCry. It is the Eternal Blue code which facilitated the speed of the assault. Indeed, the attack spread rapidly, affecting machines running Microsoft’s Windows operating systems, encrypting hard drives and overwriting files before demanding $300 in bitcoin payments to restore access. "We are continuing to investigate and will take appropriate action to protect customers," a spokesman for Microsoft said.
Globally, Russia and Ukraine were most affected by the thousands of attacks, according to Kaspersky Lab. In Ukraine, government systems as well as banks, state power utilities and Kiev’s airport and metro system were all affected. Elsewhere, advertising giant WPP, French construction materials company Saint-Gobain, Danish shipping giant Maersk, US pharmaceutical company Merck, Russian steel and oil firms Evraz and Rosneft, and the Australian manufacturing facilities of the Mondelez owned Cadbury’s chocolate factory, along with many others, were all affected. In total, more than 2000 organisations are believed to have been hit.
The effectiveness of this latest attack, and the speed at which it has spread, so soon after the WannaCry attack, is cause for alarm among companies, cyber security professionals and the general public.
After the WannaCry incident, governments, security firms and industrial groups advised businesses and consumers to make sure all their computers were updated with Microsoft patches to defend against the threat. This latest attack, believed to be smaller than WannaCry, could be more harmful than its predecessor as it renders computers unresponsive and unable to reboot. The resourcefulness of the attackers is also a concern for cyber security professionals, particularly as Petya does not appear to have the same ‘kill switch’ which was used to neutralise the WannaCry attack.
Though they are not a new development, ransomware attacks are becoming more frequent. The Petya attack is yet another reminder that many organisations are neglecting to patch their systems, allowing malicious actors to exploit weaknesses. Companies must do more to protect their networks, their data and, ultimately, their cash.