New cyberattack causes mass disruption in Europe

Wednesday, 28 Jun, 2017

The US Department of Homeland Security said it was monitoring reports of cyber attacks around the world and coordinating with other countries.

Ransomware is a type of software that infects a computer and restricts access to an infected machine until a ransom is paid.

"Countries affected so far are Ukraine, Russia, France, Spain and Denmark".

Kaspersky said its threat tracking tools have already detected more than 2,000 users that have been affected by the ransomware.

But even that massive figure looks set to be dwarfed within a few years, experts said, after ransomware attacks crippled computers worldwide in the past week.

The suspected culprit, at the time of press, is Petya ransomware, a strain that encrypts MFT (Master File Tree) tables and prevents victims from rebooting their computers, making it more risky and intrusive than other strains as it prevents them from working together and reboots their systems to do so.

"This variant asks for $300 via Bitcoin", Bilogorskiy said, referring to a digital currency favored by hackers for its anonymity.

Numerous businesses and government organizations across Europe and elsewhere have been hit by another major ransomware attack, which locks down vital files unless the victim pays the attackers money to release them.

A new and highly virulent outbreak of malicious data-scrambling software appears to be causing mass disruption across Europe, hitting Ukraine especially hard.

There may be delays in flights due to the situation.

Windows-based sensors used to monitor radiation levels at the Chernobyl nuclear power plan were shut down too, reports The BBC.

European companies took to Twitter or their websites to get word out about outages.

A global law firm with headquarters in London, DLA Piper, reported extensive problems. Other reported victims include the multinational advertising firm WPP and Russian steel and oil companies, Evraz and Rosneft.

"We stand ready to support any requests for assistance", officials said in a statement. These documents are then downloaded so they can run the ransomware installer, which then executes a worm that spreads to new computers.

Russian news agency TASS said Bashneft, Mars, Nivea, Mondelez International and other Russian companies were also affected. It is similar to WannaCry, which spread globally in May, but there are differences.

The world is still recovering from last month's WannaCry or WannaCrypt virus, which brought the UK'S NHS to its knees.

The Bitcoin wallet indicated as the pay recipient for the attackers is sitting at almost $7,000 from 27 transactions at the time this article was published, pointing to another reason ransomware attacks will continue: Companies are paying out.

Still, the attack could be more risky than traditional strains of ransomware because it makes computers unresponsive and unable to reboot, Juniper Networks said in a blog post analyzing the attack.