Hackers cause disruption in several European countries
Several major corporations say they have been targeted in an international cyberattack which started in Ukraine and Russia before spreading to parts of Europe.
Danish shipping giant Maersk, Russia’s Rosneft oil firm, British advertising agency WPP and the French industrial group Saint-Gobain on Tuesday all said they came under attack and put protection protocols in place to avoid data loss.
“We are talking about a cyberattack,” said Anders Rosendahl, a spokesman for Copenhagen-based Maersk. “It has affected all branches of our business, at home and abroad.”
One of the countries particularly hit was Ukraine, where serious intrusions at the power grid, banks and government offices were experienced.
Pavlo Rozenko, the country’s deputy prime minister, posted a picture of a darkened computer screen to Twitter, saying that the computer system at the government’s headquarters has been shut down.
“The National Bank of Ukraine has warned banks … about an external hacker attack on the websites of some Ukrainian banks … which was carried out today,” the National Bank of Ukraine said in a statement.
Banks were experiencing “difficulty in servicing customers and performing banking operations” due to the attacks, it said.
Earlier on Tuesday, an attack was also reported by the power company in Kiev, Kyivenergo. “We were forced to turn off all of our computers,” a company representative told Interfax Ukraine agency.
Ransomware suspected
Rosneft said on Twitter that a powerful hacking attack has been carried out against the company’s servers.
Russia’s leading oil producer said the attack “could have had serious consequences” but said that thanks to a back-up system “the production and extraction of oil were not stopped.”
Russian steelmaker Evraz said it was also affected by cyber attacks, adding that production was not affected.
Britain’s WPP, the world’s biggest advertising agency, said on Tuesday that it had been hit by a cyberattack, one of many major companies to face major disruption.
A spokesman confirmed it had been affected without giving any further details. The company’s website was not available.
The cyberattack has also affected an unnamed “international company” in Norway, the country’s national security authority said.
“We see there is a ransomware attack that is actually ongoing. Only one international company has been affected in Norway,” said a spokeswoman for the authority, who declined to name the company.
There is very little information yet about who might be behind the disruption, but technology experts quoted by the Associated Press news agency who examined screenshots circulating on social media said it bears the hallmarks of ransomware.
Ransomware is the name given to programmes that hold data hostage by scrambling it until a payment is made.
The world is still recovering from a previous outbreak of ransomware, called WannaCry or WannaCrypt , which spread rapidly since mid-May using digital break-in tools originally created by the US National Security Agency and recently leaked to the web.
The spread of the WannaCry ransomware which locked up hundreds of thousands computers in more than 150 countries has slowed in June, but security experts have warned that new versions of the worm may strike.