Widespread Cyberattack Hits Major European Companies
A widespread cyberattack rippled across Europe on Tuesday and disrupted the computer systems of banks and major companies in Ukraine, Russia, Britain and elsewhere — mirroring a crippling ransomware assault a month ago.
Merck & Co., an American pharmaceutical company, tweeted that its computer network “was compromised … as part of the global hack.” U.S.-based food giant Mondelēz International also reported a “global IT outage.”
The attack is being linked to ransomware known as Petya, which was previously advertised for sale on top-tier Russian criminal forums, according to research from New York City-based Flashpoint, a business risk intelligence firm.
“Initial reports indicate the outbreak is mainly in Ukraine and Russia, but there are other companies impacted outside of those countries,” Flashpoint said, adding that the initial means of infection remains unknown but it has spread similarly to that of the worldwide “WannaCry” malware attack affecting about 300,000 computers in May.
Other security firms also said Petya or a modification of it was involved, although Kaspersky Lab, a Russian security software company, said its preliminary findings suggest new ransomware may be the culprit. Around 2,000 systems have been affected, Kaspersky said.
Europol, the European law enforcement agency, tweeted that it was aware of the ransomware threat and was working with various cyberunits to determine the “full nature of this attack.”
Ukrainian Prime Minister Volodymyr Groysman said the scale of the ransomware campaign on his country was “unprecedented,” but that “vital systems haven’t been affected.”
The National Bank of Ukraine warned financial institutions and related firms they may experience difficulties in their operations. The bank said it was “confident” that the country’s banking infrastructure is “securely protected from cyberattacks and any attempts to perform hacker attacks will be efficiently warded off.”
The government’s computer network went down as well, and Ukraine’s deputy prime minister, Pavlo Rozenko, posted a picture on Twitter of a computer screen with an error message.
A message on a cash machine for Ukraine’s state-owned bank Oschadbank demanded $300 worth of Bitcoin — and taunted victims not to “waste your time” looking for another fix.
“If you see this text, then your files are no longer accessible, because they have been encrypted,” the message read in English, according to an image taken by a Reuters photographer in Kiev.
“Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our encryption service.”
The message then went on to say how to pay the ransom in Bitcoin. The number of companies and agencies reportedly affected Tuesday was piling up fast as the electronic rampage appeared to be rapidly snowballing into a real-world crisis.
The cyberattack affected operations at the Chernobyl nuclear site in Ukraine, forcing some radiation checks to be carried out manually at the facility, which famously exploded in 1986.
Meanwhile, Britain’s WPP, the world’s biggest advertising agency, said it had been hit by a cyberattack.
In Germany, postal and logistics company Deutsche Post said systems of its Express division in the Ukraine had been disrupted.
Global shipping firm Shipping company A.P. Moller-Maersk in Copenhagen said it had suffered a computer system outage also caused by a cyberattack.
by ERIK ORTIZ and BEN POPKEN