Cyber attack hits IT systems in Ireland and UK
Several organisations including big business and government offices in eastern Europe have been hit by a worldwide cyber attack. It has been reported that companies in Ireland may also have been affected, with computer systems at shipping group Maersk failing across regions including Ireland. Danish, British and Spanish multinationals have also been hit by the attack.
Ukrainian deputy prime minister Pavlo Rozenko posted a picture of a darkened computer screen on Twitter, saying the computer system at the government’s headquarters has been shut down. Russia’s biggest oil company, Ukraine’s international airport, WPP, the world’s biggest advertising firm, food company Mondelēz, and pharmaceutical giant Merck are also affected.
There is very little information about who might be behind the Eastern European disruption, but technology experts have said it bears the hallmarks of ransomware, the name given to programmes that hold data hostage by scrambling it until a payment is made. The latest attack comes just weeks after ransomware downed systems across the globe, including the NHS in the UK.
More than 200,000 victims in around 150 countries were infected by the WannaCry or Wanna Decryptor ransomware, which originated in the UK and Spain last month, before spreading globally. The current ransomware, the name given to programmes that hold data hostage by scrambling it until a payment is made, is known as GoldenEye or Petya, according to Bogdan Botezatu, a senior e-threat analyst at Bitdefender.
Marco Cova, senior security researcher at anti-malware company Lastline said: “The Petya attack looks very similar in its dynamics and techniques to the WannaCry ransomware that caused large disruption just a few weeks ago. “In particular, like WannaCry, it seems to rely on the EternalBlue exploit to automatically spread from one machine to another.
“It’s still early in the infection lifecycle, but obviously, if it is confirmed that the EternalBlue is the only spreading mechanism, there will be inevitable questions about how organisations could still fall to this attack after all the publicity and support tools (patches, scanning tools, etc.) that were produced as part of the WannaCry response.”
