Hackers struck Tuesday across the European continent, locking up systems with a ransomware infection that also affected the United States, Russia and Ukraine — and more ominously, knocked out the radiation monitoring system at the destroyed Chernobyl nuclear plant.
Attacks were reported in the UK (advertising giant WPP was hit), Spain, France (industrial group Saint-Gobain fell victim) and the Netherlands, along with Russia, Ukraine and Denmark, as well as in the United States. It is not yet clear who is behind the attack, which appears to be burgeoning. Below is a quick “all you need to know about ransomware” report by ZDNet.
Ukraine was especially hard-hit, where cyber terrorists succeeded in taking down the power grid, government offices – including the cabinet of ministers – and banking system in addition to a number of major commercial firms.
Ukraine Prime Minister Volodymyr Groysman said in a statement posted on Facebook the attack was “unpredecented” but that “vital systems haven’t been affected” and underscored to readers, “Our IT experts are doing their job and protecting critical infrastructure… The attack will be repelled and the perpetrators will be tracked down.”
In addition, the Russian Roseneft oil giant was also successfully attacked, as was Denmark’s shipping giant A.P. Moller-Maersk in Copenhagen, which said every branch of its system was affected.
In the United States, systems at the New Jersey-based Merck pharmaceutical firm were also compromised, Associated Press reported, as were the Heritage Valley Health System hospital and health care system based in western Pennsylvania, and the New York City law firm of DLA Piper.
Ransomware is a type of malicious software that infects a computer and restricts users’ access to the infected machine until a ransom is paid to unlock it, an alert issued by the U.S. Department of Homeland Security’s National Cyber Awareness System explained.
“Individuals and organizations are discouraged from paying the ransom, as this does not guarantee that access will be restored. Using unpatched and unsupported software may increase the risk of proliferation of cyber security threats, such as ransomware.
“Petya ransomware encrypts the master boot records of infected Windows computers, making affected machines unusable,” the alert continued. “Open-source reports indicate that the ransomware exploits vulnerabilities in Server Message Block (SMB).”
In the United States, victims are being asked to report any ransomware incidents to the Internet Crime Complaint Center.
But global cyber security firm Kaspersky Lab contended in a statement Tuesday night that the malware is not a variant of Petya, but rather, a new ransom ware, which it has named, ‘NotPetya.’
In any case, in Israel thus far it appears the country has dodged a bullet, with Israel Security Agency (Shin Bet) domestic intelligence director Nadav Argaman telling participants Tuesday at the Tel Aviv University Cyber Week conference, “All kinds of hackers who work against us worldwide have been experiencing problems in their operations recently.”
Over the past year and a half the Shin Bet and its partners have succeeded in locating more than 2,000 potential terrorists through the use of technology, he noted. “We work together with the Mossad, Military Intelligence, the Cyber Authority and other countries around the world.”
Prime Minister Benjamin Netanyahu said in his remarks to the conference on Monday that Israel is now among the top five global cyber security powers.