Saturday, 22 July 2017
Latest news
Main » 'Ransomware' wave seemed aimed at old flaw and Ukraine

'Ransomware' wave seemed aimed at old flaw and Ukraine

28 June 2017

The Petya ransomware broke out in Russian Federation and Ukraine less than 24 hours ago and was detected in South Korea for the first time on Wednesday.

The attack, which comes within weeks of a similar cyber attack called WannaCry, has been spreading through Europe, and seems to be making its way into India.

A large pharmaceutical company here is also understood to have been hit by the computer malware, which is manifesting in the form of ransomware. Merck's headquarters was hit severely by the cyber attack on Tuesday, and according to the K-I-S-A, the virus found its way to Korea using the company's intranet.

"The hacking attack could have led to serious consequences but neither the oil production nor the processing has been affected thanks to the fact that the company has switched to a reserve control system", the company said. Cho Sung-min, Arirang News.

Tim Rawlins, director of the Britain-based cybersecurity consultancy NCC Group, says these attacks continue to happen because people have not been keeping up with effectively patching their computers.

More news: Bill Cosby trial Day 9: Jury reports it is deadlocked

The key difference is that while WannaCry could only impact computers that it could crack with EternalBlue, which has been patched up in newer versions of Windows and was never even an issue in Linux or MacOS, Petya can affect nearly all x86 machine on the same network as a compromised system.

With anything running an Intel processor and being on the same network as an older Windows machine being fair game, Petya has already managed to wreak havoc on a scale comparable to WannaCry despite the former serving as a wake-up call of sorts.

Other security experts said they did not believe that the ransomware released on Tuesday had a "kill switch", meaning that it might be harder to stop than WannaCry was last month.

Companies don't patch for a variety of reasons: their machines don't support the patch, it's too expensive to do it, it might disrupt their services or they simply forget about an outdated computer on their network.

"Right now, at this hour, we're not able to take new orders", Maersk Line Chief Commercial Officer Vincent Clerc said in a telephone interview on Wednesday.

More news: Police search for woman missing from Raleigh airport

The "Petya" ransomware has caused disruption at firms across the US and Europe including advertising giant WPP, French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft.

Infected computers display a message demanding a Bitcoin ransom worth $300.

But unlike WannaCry, last month's ransomware attack which crippled the NHS in the UK, Petya isn't an efficient money-making exercise. Maersk, a Dutch transport and logistics company, announced that "multiple sites and business units" had been shut down after a cyber attack, BBC reported.

The radiation monitoring system at Ukraine's Chernobyl nuclear site has been taken offline after a massive cyberattack, forcing employees to use hand-held counters to measure levels, officials said Tuesday.

Petya was first discovered in 2016 - it is ransomware that encrypts MFT (Master File Tree) tables and overwrites the MBR (Master Boot Record), dropping a ransom note and leaving victims unable to boot their computer.

More news: India's Kidambi Srikanth clinches Australian Open title

However, he said, that system only covers state institutions, not private companies. Read Also: Ransomware, the weapon wielded in cyber attacks " We are trying to shift some work to manual as we need to streamline the ships and their scheduled arrival, stay and departure", he said.

'Ransomware' wave seemed aimed at old flaw and Ukraine