New highly virulent strain of ransomware cripples networks


A major cyber-attack dubbed "Petya" hit central banks and many large corporations in Europe, the Middle East and the U.S., creating havoc for employees and customers alike.

"Because it blocks boot efforts and prevents affected systems from working altogether, it's considered more unsafe than typical ransomware strains", Sophos writes in its Naked Security blog.

Microsoft released a patch for the exploit in March, but many companies have apparently failed to apply the patch, and among those were firms and individuals hit by the WannaCry malware attack in mid-May. Banks as well as retail businesses across the world are concentrating their defenses against the new wave of cyber thefts and attacks, safeguarding themselves and their clients' sensitive data such as their credit card details.

Once the malware has taken over a system, the only way to regain access to computer files is to pay a ransom of approximately $300 in Bitcoin.

The payment method, which relied on an email address that was quickly shut down, is considered amateurish and led to speculation that the virus's goal was not monetary gain but simply to cause damage.

Businesses and government organizations in the Russian Federation and Ukraine are among the most severely affected.

"Due to the temporary shutdown of the Windows system, the radiation monitoring of the industrial area is being done manually", the agency said on its website. Russia's Rosneft oil company also reported falling victim to hacking, as did Danish shipping giant A P Moller-Maersk and French construction materials company Saint Gobain.

A new "Petya" ransomware attack has hit the globe, affecting several corporations, airports and government departments.

Intelligence agencies and security researchers have linked last month's WannaCry attack to a group associated with North Korea.

The incidents occurred as a Ukrainian military intelligence official, Col. Maxim Shapoval, was killed by a vehicle bomb as he drove through Kiev.

"The hacking attack could have led to serious consequences but neither the oil production nor the processing has been affected thanks to the fact that the company has switched to a reserve control system", the company said.

Singapore's CII sectors and private sectors were issued advisories and technical data such as Indicators of Compromise about Petya following the global attacks, which occurred on Tuesday night.

Creating a read-only file named perfc and placing it in a computer's "C:\Windows" folder stops the attack in its tracks.
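The step described above, scripted in PowerShell as an added example (not from the article or any vendor): the function name `Set-PerfcMarker` is hypothetical, and the script assumes an elevated session on the Windows machine being protected.

```powershell
# Added example: create and verify the read-only marker file described above.
# Assumes an elevated (administrator) session; the function name is hypothetical.
function Set-PerfcMarker {
    [CmdletBinding()]
    param(
        # Folder and file name as given in the article.
        [string]$Folder = 'C:\Windows',
        [string]$Name   = 'perfc'
    )

    $path = Join-Path -Path $Folder -ChildPath $Name

    # A directory with the same name would block file creation; report it.
    if (Test-Path -LiteralPath $path -PathType Container) {
        throw "$path exists but is a directory, not a file."
    }

    $created = $false
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        # Create an empty file; this fails without administrator rights.
        New-Item -ItemType File -Path $path -ErrorAction Stop | Out-Null
        $created = $true
    }

    # Set the read-only attribute whether the file is new or already existed.
    $item = Get-Item -LiteralPath $path -Force
    $item.IsReadOnly = $true

    # Re-read from disk and report the resulting state for audit purposes.
    $item = Get-Item -LiteralPath $path -Force
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Path     = $item.FullName
        Created  = $created
        ReadOnly = $item.IsReadOnly
        Length   = $item.Length
    }
}

Set-PerfcMarker
```

The function is idempotent, so it can be re-run to confirm that the file is still present and still read-only.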

It may have first spread through a rogue update to a piece of Ukrainian accounting software called MEDoc, according to tweets by the country's cyberpolice unit.

Disruptions were also reported in Asia.

The attack targets Windows PCs and takes the form of ransomware, encrypting users' files and demanding payment in exchange for decryption. The ransomware affected companies in Australia and India.