FRANKFURT/MOSCOW (Reuters) – A major cyber attack, believed to have first struck Ukraine, caused havoc around the world yesterday, crippling computers or halting operations at port operator Maersk, a Cadbury chocolate plant in Australia and the property arm of French bank BNP Paribas.
Russia’s biggest oil company, Ukrainian banks and multinational firms were among those hit on Tuesday by the cyber extortion campaign, which has underscored growing concerns that businesses have failed to secure their networks from increasingly aggressive hackers.
The rapidly spreading computer worm appeared to be a variant of an existing ransomware family known as Petya, which also has borrowed key features from last month’s ransomware attack, named “WannaCry”.
ESET, an anti-virus vendor based in Bratislava, said 80 percent of all infections from the new attack detected among its global customer base were in Ukraine, with Italy second hardest hit at about 10 percent. Several of the international firms hit had operations in Ukraine.
Shipping giant A.P. Moller-Maersk, which handles one in seven containers shipped worldwide and has a logistics unit in Ukraine, is not able to process new orders after being hit by the attack on Tuesday.
“Right now, at this hour, we’re not able to take new orders,” Maersk Line Chief Commercial Officer Vincent Clerc said yesterday.
BNP Paribas Real Estate, which provides property and investment management services, confirmed it had been hit, but declined to specify how widely it had affected its business. It employed nearly 3,500 staff in 16 countries as of last year.
“The international cyber attack hit our non-bank subsidiary, Real Estate. The necessary measures have been taken to rapidly contain the attack,” the bank said yesterday.
Production at the Cadbury factory on the island state of Tasmania ground to a halt late on Tuesday after computer systems went down, said Australian Manufacturing and Workers Union state secretary John Short.
Russia’s Rosneft, one of the world’s biggest crude producers by volume, said on Tuesday its systems had suffered “serious consequences” but said oil production had not been affected because it switched over to backup systems.
The virus crippled computers running Microsoft Corp’s Windows by encrypting hard drives and overwriting files, then demanded $300 in bitcoin payments to restore access.
Several security experts questioned whether the effort to extort victims with computers hit by the virus was the main goal, or whether the unknown hackers behind the attack could have other motives.