Companies across the globe are reporting that they have been struck by a major ransomware cyber-attack.
British advertising agency WPP is among those to say its IT systems have been disrupted as a consequence. The virus, the source of which is not yet known, freezes the user’s computer until an untraceable ransom is paid in the digital Bitcoin currency.
Ukrainian firms, including the state power company and Kiev’s main airport, were among the first to report issues.
YOU WILL ALSO ENJOY: Can a single malware take down an entire city’s power grid?
In a statement, the US National Security Council said government agencies were investigating the attack and that the US was “determined to hold those responsible accountable”.
The Russian anti-virus firm Kaspersky Lab said its analysis showed that there had been about 2,000 attacks – most in Ukraine, Russia and Poland. The international police organisation Interpol has said it was “closely monitoring” the situation and liaising with its member countries.
Experts suggest the malware is taking advantage of the same weaknesses used by the WannaCry attack last month.
“It initially appeared to be a variant of a piece of ransomware that emerged last year,” said computer scientist Prof Alan Woodward. “The ransomware was called Petya and the updated version Petrwrap.”
We’re working w/ @ncsc on analysing the #ransomware. Follow them for updates & guidance on protecting yourself. https://t.co/8qoCCPLccd pic.twitter.com/iJVvnAFE0d
— NationalCrimeAgency (@NCA_UK) June 27, 2017
Problems have also affected:
- the Ukrainian central bank, the aircraft manufacturer Antonov, and two postal services
- Russia’s biggest oil producer, Rosneft
- Danish shipping company Maersk, including its container shipping, oil, gas and drilling operations. A port in Mumbai is among those that has halted operations
- a Pennsylvania hospital operator, Heritage Valley Health System, which reported its computer network was down, causing operations to be delayed – but it is not yet clear if it was subject to the same type of attack
- Spanish food giant Mondelez – whose brands include Oreo and Toblerone – according to the country’s media. A Cadbury factory in Tasmania, Australia is affected
- Netherlands-based shipping company TNT, which said some of its systems needed “remediation”
- French construction materials company St Gobain
- US pharmaceuticals-maker Merck
- The local offices of the law firm DLA Piper – a sign in the firm’s Washington DC office said: “Please remove all laptops from docking stations and keep turned off – no exceptions.”
Ukraine seems to have been particularly badly hit this time round.
Reports suggest that the Kiev metro system has stopped accepting payment cards while several chains of petrol stations have suspended operations.
Ukraine’s deputy prime minister has tweeted a picture appearing to show government systems have been affected.
His caption reads: “Ta-daaa! Network is down at the Cabinet of Minister’s secretariat.”