New wave of cyber attack sweeps globe, links found to Wannacry

A major global cyber attack on Tuesday disrupted computers at Russia's biggest oil company, Ukrainian banks and multinational firms, according to a Reuters report on June 28, 2017. 

The virus was similar to the ransomware, Wannacry, that infected more than 300,000 computers. It included a code known as "Eternal Blue," which was also used in the Wannacry attack. Cyber security experts widely believed that Eternal Blue was stolen from the United States National Security Agency. 

The first attacks were reported from Russia and Ukraine, which were also the two most affected countries. 

Wannacry. Photo courtesy: Wiki
Wannacry. Photo courtesy: Wiki

Russia's Rosneft, which was one of the world's biggest crude producers by volume, said its systems had suffered "serious consequences." However, oil production had not been affected because the company switched over to backup systems.

Ukrainian Deputy Prime Minister Pavlo Rozenko said the government's computer network went down. Ukraine's central bank reported disruption to operations at banks and firms, including the state power distributor.

The virus got into computer systems via "phishing" emails written in Russian and Ukrainian designed to lure employees into opening them, according to an advisor to Ukraine's interior minister. The emails had contained infected Word documents or PDF files as attachments.

Security experts also believe that this new ransomware does not have a kill switch, which means that it might be harder to stop.

The ransomware virus crippled computers running Microsoft Corp's Windows by encrypting hard drives and overwriting files. It then demanded SGD300 in bitcoin payments to restore access. More than 30 victims had paid into the bitcoin account associated with the attack, according to a public ledger of transactions listed on blockchain.info.

Microsoft said the virus could spread through a flaw that was patched in a security update in March. "We are continuing to investigate and will take appropriate action to protect customers," a spokesperson of the company said, adding that Microsoft antivirus software detects and removes it.

Other victims of the attack were spread across countries including Britain, France, Germany, Italy, Poland and the United States.

Author
Kareyst Lin
Kareyst Lin – Senior Writer

Kareyst has experience in writing about B2B technology for Computerworld Singapore, MIS Asia and CIO Asia; and on government technology for GCIO Asia. Her pet areas are artificial intelligence, Internet of Things and smart cities - these are fueled by her obsession with sci-fi movies and philosophy of mind. 

Sometimes she writes with light. 

Comments