The fight against cyberattacks has sparked exponential growth in global protection spending, with the cyber security market estimated at $120 billion this year, more than 30 times its size just over a decade ago.
In Europe, Danish sea transport company Maersk, British advertising giant WPP and French industrial group Saint-Gobain all came under attack as did United States pharmaceutical group Merck. The strain of Petya affecting the systems across Europe and the USA is a new, more powerful variant called Petrwrap, which is able to slip under the radar of many anti-virus programs, and can also stop patch fix systems from working. But “we have also registered hits in Poland, Italy, the UK, Germany, France, the U.S. and several other countries”.
French construction materials company St. Gobain said it had also fallen victim.
Ukraine Prime Minister Volodymyr Groysman said on Facebook that “our IT experts are doing their job and protecting critical infrastructure”. Ukraine’s Central Bank warned on its website that several banks had been attacked by hackers.
In France, the national cyber watchdog ANSSI said it was analysing the attacks and hoped to publish recommendations for users in a matter of hours.
In Russia, the known victims of the attack include the Rosneft oil giant, which was one of the first companies to complain about having its computer network hacked.
Cyber security experts said those behind the attack appeared to have exploited the same type of hacking tool used in the WannaCry ransomware attack that infected hundreds of thousands of computers in May before a British researcher created a kill-switch.
Security software vendor McAfee said that the modified Petya attack had more potential to hit the general public than WannaCry, but that it had so far been mainly detected in business environments. “As a security measure we have isolated our computer systems to protect our data”.
“Most of our IT systems are down across all business units due to a virus”.
All Russian branches of Home Credit consumer lender are closed because of a cyber attack, an employee of a Home Credit call centre in Russia said.
The Petya virus has also attacked the Ukrainian government, Auchan Hypermarkets, Privatbank and telecommunication operators, the Group-IB company said.
The hack’s scale and the use of ransomware quickly recalled the massive May cyberattack. “We were forced to turn off all of our computers”, a company representative told Interfax Ukraine agency.
While the attacks have affected banking operations in Ukraine and will likely lead to some flight delays out of Boryspil airport, they don’t seem to have impacted services on a grander scale.
Ukraine’s delivery service company Nova Poshta confirmed the virus that hit its computers was Petya.A.
Grimaldi recommended customers look at solutions for data backup and recovery, vulnerability and patch management, audit identity and data use, advanced controls for endpoint security and file integrity monitoring, implementing least privilege principles and multi-factor authentication, and user security awareness training.
Security vendors including Bitdefender and Kaspersky said the NSA exploit, known as EternalBlue, is allowing malware to spread rapidly by itself across internal computer networks at companies and other large organizations.