Weeks after the WannaCry ransomware attacked systems in over 100 countries, European countries including Ukraine and Russia have come under another cyber-attack.
Reports suggest that Russia’s biggest oil company, Ukraine’s international airport as well as global shipping firm AP Moller-Maersk have been impacted by the attack.
They cited Moscow-based cyber security firm Group IB stating that hackers had exploited a code developed by the US National Security Agency (NSA) which was leaked and then used in the WannaCry ransomware attack that caused global disruption in May.
Stray cases of computers being impacted by WannaCry were reported in India at that time. Serious intrusions have been reported at the Ukrainian power grid, banks and government offices, where one senior official posted a photo of a darkened computer screen and the words, “the whole network is down”.
Reports also said the attacks impacted Russian metal maker Evraz, French construction materials firm Saint Gobain and the world’s biggest advertising agency, WPP but it could not be ascertained whether it was by the same virus.
Security firm Lucideus said the current ransomware has impacted multiple sectors, which points to the fact that it was not a targeted attack.
“Even post WannaCry attack, with our experience we can say that over 50 per cent of Windows systems are still not patched across India. This is a worrisome figure,” the company said.
ALSO READ: Cyberattack hit several lenders in country: Ukraine central bank
New malware hits JNPT ops as APM Terminals hacked globally
Operations at one of the three terminals of the nation’s largest container port JNPT were impacted on Tuesday night as a fallout of the global ransomware attack, which crippled some central banks and many large corporations in Europe.
AP Moller-Maersk, one of the affected entities globally, operates the Gateway Terminals India (GTI) at JNPT, which has a capacity to handle 1.8 million standard container units.
“We have been informed that the operations at GTI have come to a standstill because their systems are down (due to the malware attack). They are trying to work manually,” a senior JNPT official told PTI on Tuesday.
The official explained that JNPT is trying to help the company, but there is little that others can do as the problem is with the systems. Fearing some clogging up of cargo, additional parking space is being made available, the official said, promising to help in any way that is possible.
The Hague-based APM Terminals also operates the Pipavav terminal in Gujarat. Foreign media reports from the Netherlands capital The Hague quoting the pubcaster RTV Rijnmond said a new ransomware virus called Petya has hit 17 APM terminals, including two in Rotterdam and 15 in other parts of the world.
APM Terminals is a subsidiary of shipping giant Maersk, which has confirmed it is suffering from a cyber attack. When contacted, an APM spokesperson refused to comment on the India impact of the attack.
“We can confirm that Maersk’s IT systems are down across multiple geographies and business units due to a cyber-attack. We continue to assess the situation. The safety of our employees, our operation and our customers businesses is our top priority. We will update when we have more information,” the spokesperson said in a written statement issued globally.
The current attacks come weeks after the Wannacry ransomware attack, which impacted systems of many companies. Companies that affected on Tuesday include Russia’s biggest oil company Rosneft, global advertising giant WPP Group and multiple institutions in Ukraine including its central bank and an international airport.
An AFP report quoting the Ukrainian central bank said a cyberattack hit several lenders in the ex-Soviet republic, hindering operations and leading the regulator to warn other financial institutions to tighten security measures.
The Moscow-based cyber security firm Group IB traced the origins of the malware and the hackers to a code developed by the US National Security Agency (NSA) which was leaked and then used in the WannaCry ransomware attack that caused global disruption last month, according to an AFP report.
The global wire quoted a Ukrainian media company, which was hit, as saying its computers were blocked and it had received a demand for USD300 worth of the Bitcoin crypto-currency to restore access to its files.