New Ransomware Attacks Strike Europe, US

14619692 - virus bug in program code

 

Less than two months after the WannaCry virus was unleashed in a massive ransomware attack that affected more than two-hundred thousand computers around the globe, a new round of similar attacks began Tuesday morning. This time, the ransomware attacks first gained widespread notice in the Ukraine, where government departments, the nation’s central bank, and private firms saw their computer systems crippled by a virus that was initially identified as “Petya.” Screen shots on various social media outlets suggest that the attackers have demanded that ransom be paid in Bitcoin.

The virus spread across Europe and the US, impacting everything from computer systems at the Chernobyl nuclear plant to container terminals in Rotterdam owned by shipping giant AP Moller-Maersk. It impacted Russian oil and steel companies, French construction materials firm Saint-Gobain, and U.S. pharmaceuticals firm Merck.

According to security officials, the virus may be even more damaging than WannaCry. As Varonis VP Ken Spinner told The Telegraph,

"This attack doesn't just encrypt data for a ransom - but instead hijacks computers and prevents them from working altogether. The implications of this type of cyberattack spread far and wide: and can affect everything from government to banks to transportation."

The May release of the WannaCry virus has been blamed on North Korea, but authorities have yet to name any suspects in this most recent round of attacks. For now, security experts are still attempting to identify the exploits used to execute the attacks. Initial analysis suggested that this virus uses the same NSA EternalBlue exploit used by WannaCry, but subsequent research indicates that the virus may have gained access to that exploit using phishing emails.

Unfortunately, early indications are that this particular virus lacks the kill switch experts used to thwart the WannaCry attacks. Meanwhile, Kapersky Lab researchers have noted that the ransomware used in the assault may not even use the Petya virus at all. According to those researchers, “Our preliminary findings suggest that it is not a variant of Petya ransomware as publicly reported, but a new ransomware that has not been seen before."

The views expressed by the authors on this site do not necessarily represent the views of DCEBrief or the management team.

Author: Ken Chase

Freelance writer whose interests include topics ranging from technology and finance to politics, fitness, and all things canine. Aspiring polymath, semi-professional skeptic, and passionate advocate for the judicious use of the Oxford comma.

Share This Post On
  Subscribe To Newsletter
Subscribe to Our Newsletter

Keep up to date with the latest from DCEBrief

* we hate spam and never share your details.
×