Europe, US hit by new wave of cyber attack

PARIS — A new cyber attack similar to the WannaCry bug spread across Europe and United States yesterday causing mass disruption and hitting countries such as Ukraine especially hard.

The attack was believed to have started in Russia and Ukraine before quickly spreading to western Europe and beyond.

More than 80 companies and government offices in Russia and Ukraine were affected by the Petya virus that disabled computers yesterday and told users to pay US$300 (S$420) in cryptocurrency to unlock them, according to the Moscow-based cyber security company Group-IB.

Company and government officials reported serious intrusions at the Ukrainian power grid, banks, an airport and government offices. Ukrainian deputy prime minister Pavlo Rozenko posted on Twitter a picture of a darkened computer screen, saying that the computer system at the government’s headquarters has been shut down.

Describing the attack as “unprecedented”, Ukraine Prime Minister Volodymyr Groysman assured that “vital systems haven’t been affected”.

“Our IT experts are doing their job and protecting critical infrastructure ... The attack will be repelled and the perpetrators will be tracked down,” he said.

Mr Anton Gerashchenko, an aide to the Interior Ministry, wrote on Facebook that the goal of the attack was “the destabilisation of the economic situation and in the civic consciousness of Ukraine”, although it was “disguised as an extortion attempt”.

Russia’s central bank said there had been “computer attacks” on Russian banks, but no data was compromised. Kremlin-controlled Rosneft, Russia’s largest crude producer, said in a statement that it avoided “serious consequences” from the “hacker attack” by switching to “a backup system for managing production processes”.

Maersk, operator of the world’s largest container line, said its customers cannot use online booking tools and its internal systems are down. The attack affected multiple sites and units, which include a major port operator and an oil and gas producer, said spokeswoman Concepcion Boo Arias.

APM Terminals, a subsidiary of Maersk, also confirmed its systems were “impacted”. Dutch broadcaster RTV Rijnmond reported that 17 shipping container terminals run by APM Terminals have been hacked, including two in Rotterdam and 15 in other parts of the world. Similarly, Saint-Gobain, a French manufacturer, said its systems had been infected. US-based pharmaceuticals giant Merck said its computer network was “compromised as part of (the) global hack”.

The strikes follow the global ransomware assault involving the WannaCry virus that affected hundreds of thousands of computers in more than 150 countries as extortionists demanded US$300 in bitcoin from victims.

Ransomware attacks have been soaring and the number of such incidents increased by 50 per cent in 2016, according to Verizon Communications.

The new virus has a fake Microsoft digital signature appended to it, Mr Costin Raiu, director of the global research and analysis team at Moscow-based Kaspersky Lab, said on Twitter. There is very little information about who might be behind the disruption at each specific company, but cyber security experts rapidly zeroed in on a form of ransomware, the name given to programmes that hold data hostage by scrambling it until a payment is made.

“This is a bit like a flu epidemic in winter,” said Mr Nicolas Duvinage, head of the French military’s digital crime unit. “We will get many of these viral attack waves in the coming months.” AGENCIES