TECHNOLOGY
A major global cyber attack on Tuesday disrupted computers at Russia's biggest oil company, Ukrainian banks and multinational firms with a virus similar to the ransomware that last month infected more than 300,000 computers.
A major global cyber attack on Tuesday disrupted computers at Russia's biggest oil company, Ukrainian banks and multinational firms with a virus similar to the ransomware that last month infected more than 300,000 computers.
The rapidly spreading cyber extortion campaign underscored growing concerns that businesses have failed to secure their networks from increasingly aggressive hackers, who have shown they are capable of shutting down critical infrastructure and crippling corporate and government networks.
It included code known as "Eternal Blue," which cyber security experts widely believe was stolen from the U.S. National Security Agency and was also used in last month's ransomware attack, named "WannaCry."
"Cyber attacks can simply destroy us," said Kevin Johnson, chief executive of cyber security firm Secure Ideas. "Companies are just not doing what they are supposed to do to fix the problem."
The ransomware virus crippled computers running Microsoft Corp's Windows by encrypting hard drives and overwriting files, then demanded $300 in bitcoin payments to restore access. More than 30 victims paid into the bitcoin account associated with the attack, according to a public ledger of transactions listed on blockchain.info.
Microsoft said the virus could spread through a flaw that was patched in a security update in March.
"We are continuing to investigate and will take appropriate action to protect customers," a spokesman for the company said, adding that Microsoft antivirus software detects and removes it.
Some 2,000 attacks were observed as of midday in New York on Tuesday, according to Kaspersky Lab. Russia and Ukraine were most affected, with other victims spread across countries including Britain, France, Germany, Italy, Poland and the United States, the security software maker said.
Security experts said they expected the impact to be smaller than WannaCry since many computers had been patched with Windows updates in the wake of WannaCry last month to protect them against attacks using Eternal Blue code.
Still, the attack could be more dangerous than traditional strains of ransomware because it makes computers unresponsive and unable to reboot, Juniper Networks said in a blog post analyzing the attack.
Researchers said the attack may have borrowed malware code used in earlier ransomware campaigns known as "Petya" and "GoldenEye."
Following last month's attack, governments, security firms and industrial groups aggressively advised businesses and consumers to make sure all their computers were updated with Microsoft patches to defend against the threat.
The U.S. Department of Homeland Security said it was monitoring the attacks and coordinating with other countries. It advised victims not to pay the extortion, saying that doing so does not guarantee access will be restored.
The NSA did not respond to a request for comment. The spy agency has not publicly said whether it built Eternal Blue and other hacking tools leaked online by an entity known as Shadow Brokers.
Several private security experts have said they believe Shadow Brokers is tied to the Russian government, and that the North Korean government was behind WannaCry. Both countries' governments deny charges they are involved in hacking.
'DON'T WASTE YOUR TIME'
The first attacks were reported from Russia and Ukraine.
Russia's Rosneft, one of the world's biggest crude producers by volume, said its systems had suffered "serious consequences," but added oil production had not been affected because it switched over to backup systems.
Ukrainian Deputy Prime Minister Pavlo Rozenko said the government's computer network went down and the central bank reported disruption to operations at banks and firms including the state power distributor.
Danish shipping giant A.P. Moller-Maersk said it was among the victims, reporting outages at facilities including its Los Angeles terminal.
WPP, the world's largest advertising agency, said it was also infected. A WPP employee who asked not to be named said that workers were told to shut down their computers: "The building has come to a standstill."
A Ukrainian media company said its computers were blocked and it was asked to pay $300 in the crypto-currency bitcoin to regain access.
"Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service," the message said, according to a screenshot posted on Ukraine's Channel 24.
Russia's central bank said there were isolated cases of lenders' IT systems being infected. One consumer lender, Home Credit, had to suspend client operations.
Other companies that identified themselves as victims included French construction materials firm Saint Gobain , U.S. drugmaker Merck & Co and Mars Inc's Royal Canin pet food business.
India-based employees at Beiersdorf, makers of Nivea skin care products, and Reckitt Benckiser, which owns Enfamil and Lysol, told Reuters the ransomware attack had impacted some of their systems in the country.
Western Pennsylvania's Heritage Valley Health System's entire network was shut down by a cyber attack on Tuesday, according to local media reports.
Last's month's fast-spreading WannaCry ransomware attack was crippled after a 22-year-old British security researcher Marcus Hutchins created a so-called "kill-switch" that experts hailed as the decisive step in slowing the attack.
Security experts said they did not believe that the ransomware released on Tuesday had a kill switch, meaning that it might be harder to stop.
Cyber intelligence firm Flashpoint said it believed the outbreak began in Ukraine, where attackers loaded the ransomware onto computers when they requested updates of a widely used accounting software program.
An adviser to Ukraine's interior minister said earlier in the day that the virus got into computer systems via "phishing" emails written in Russian and Ukrainian designed to lure employees into opening them.
According to the state security agency, the emails contained infected Word documents or PDF files as attachments.
(This article has not been edited by DNA's editorial team and is auto-generated from an agency feed.)
DNA TV Show: Why Punjabis are at the centre of Delhi poll campaign
Nepal hikes climbing fees by 36% for Mount Everest, to be implemented from...
Elon Musk reacts to Sam Altman's OpenAI's USD 500 billion AI project, says, 'They don't have...'
Delhi polls 2025: AAP releases AI-generated clip portraying BJP leaders as 'goons', netizens ask...
Mukesh Ambani gets good news after 4 months, Reliance Jio adds over 12 lakh mobile users in just...
Barroz OTT release date: When, where to watch Mohanlal's fantasy flop film
Ships carrying missile propellant ingredients set to sail from China to..., here's what report says
Meet Jeet Adani, Gautam Adani's son, set to marry Diva Jaimin Shah
Mukesh Ambani, Isha Ambani acquire another brand, plan to compete with...
Who is Ezra Vandan? OnlyFans model arrested for announcing plans to sleep with 100 men in 24 hours
Redefining vision and style for the modern era with RawBare eyewear
'No more shivering': Why Delhi, North India experiencing warmer days
Senior Hezbollah leader Muhammad Hammadi killed in firing in Lebanon
Mahakumbh 2025: Indian Railways to run over 150 special trains on THIS date; check details
IND vs ENG: Why is Mohammed Shami not playing India vs England 1st T20I in Kolkata?
7 in 10 believe private labelling by Zomato, Swiggy affecting their businesses: NRAI poll
Shocker! Iraqi Parliament passes bill that allow marrying girls as young as...
The PM of THIS country hailed Narendra Modi for uniting Hindus across the globe because he made...
No 'Pakistan' on Team India Champions Trophy 2025 jersey? BCCI provides massive update
At least 11 killed after being run over by train in Maharashtra's Jalgaon
Global Recognition Awards Leads the Way in Celebrating Business Excellence
India's largest pvt bank earns Rs 16736 crore in 3 months, market cap rises to Rs...
Consultation and Solutions with Acharya indravarman, the best astrologer in Yemen – Middle East
No liquor in Delhi for 4 days, shops closed on THESE dates in February due to...
Nitish Kumar's JDU withdraws support to BJP-led Manipur government
Salman Khan's crucial scene from Sikandar leaked, video goes viral
Mukesh Ambani's company infuses Rs 1170000000 in THIS business with...
Sky Force first review out: Akshay Kumar, Veer Pahariya film is 'classy vintage patriotic movie'
Cardarine for Sale: Where to Buy Cardarine (GW 501516) Online from Trusted Vendors
Top Gen Z Investors of 2025: Satya Komal, Paige Finn-Doherty and Maya Bakhai
The Top 5 Factors That Determine Your EMI
Consultation and Solutions With Acharya Indravarman, best astrologer in Oman, Middel East
Ram Gopal Varma seeks redemption from 'cinema sins' with his next 'Syndicate'
RRP Electronics enters into strategic alliance with US-based Deca Technologies
Pushpa 2: Production house drops BIG update on OTT release of Allu Arjun, Rashmika Mandanna film
Bigg Boss 18 winner Karan Veer Mehra plans to propose Chum Darang: 'Once we step out of...'
The Future of HVAC Systems by Surendra Mohan Devaraj
Pushpa 2 director Sukumar's residence, home raided by Income Tax officials
Meet IIT-JEE topper Satvat Jagwani, joined IIT Bombay with AIR 1 but left after 2 years due to…
Akshay Kumar replies 'mujhey nikal diya tha' to why he was not part of Bhool Bhulaiyaa 2 and 3
Bangladesh's SHOCKING threat, demands Sheikh Hasina's return from India, warns of...
Lip reader reveals what Obama said to Bush at Trump's inauguration: 'How can we stop...'