Organizations and corporations around the world were once again hit by a massive ransomware attack, in a manner similar to the WannaCry attack launched (and foiled) last May. Cybersecurity experts have dubbed the malware responsible forthis new round of attacks "Petya", with the Ukraine appearing to be the hardest-hit region, including having temporarily shut down the automatic radiation monitoring system at Chernobyl nuclear power plant.
Little is currently known about the background of the malware involved, but cybersecurity experts suspect it makes use of the same EternalBlue exploit used by WannaCry malware, originally a hacking tool stolen from the National Security Agency. "It’s like WannaCry all over again," explains F-Secure Chief Research Officer Mikko Hypponen.
"Though this attack is largely targeting companies, it’s important consumers also stay vigilant and take precautionary measures,” says Gary Davis, McAfee’s chief consumer security spokesperson. This malware is spread through phishing emails that contain links that trick the receiver into downloading the ransomware. Davis advises Windows users to make sure their operating systems are up to date, along with any antivirus software they may be running.
Some of the entities hit by Peyta include Russia’s largest oil producer, Rosneft; Danish shipping corporation A.P. Moller-Maersk; British-based WPP, the world’s largest advertising agency; Pharmaceutical giant Merck & Co.; Ukraine’s Boryspil Airport; French-based construction materials company Saint Gobain; German postal service Deutsche Post; the Ukrainian outlets of German-based wholesaler Metro; food company Mondelez International; Russian steel producer Evraz; and an unnamed international company based in Norway.