New computer virus spreads from Ukraine to disrupt world business
A computer virus that wreak havoc on companies around the world Wednesday, while stretching to more than 60 countries, which alters the ports from Mumbai to Los Angeles and disrupted work in a chocolate factory in Australia.
Cyence risk modeling company said the economic losses of the attack this week and last month of a virus called WannaCry probably exceeded 8 billion. This assessment highlights the enormous strengths of companies worldwide to meet the growing cyber attacks that hit critical offline computer networks.
“When systems are down and they can not generate revenue, it really attracts leaders and board members,” said George Kurtz, chief executive of security software maker CrowdStrike. “This has made it easier to understand the need for resiliency and improved security in networks.”
The virus, the researchers call Petia or GoldenEye, began spreading in Ukraine Tuesday. It infected the computers of visitors on a local news website and computers have downloaded contaminated updates a popular package of tax accounting, according to national police and cyber experts.
A cargo reservation system was closed at the Danish shipping giant A. P. Moller-Maersk (MAERSKb.CO), causing traffic jams in some of the 76 ports in the world managed by its APM subsidiary terminals …
Maersk said on Wednesday that the system was online again: “The booking confirmation will take a little longer than usual, but we are happy to carry your cargo,” he said on Twitter.
The US FedEx delivery provider said its TNT division had been significantly affected by the virus, which has also moved to South America, which affects Argentine ports operated by China Cofco.
The malicious code encrypted data on machines and required victims of the $ 300 rescue for recovery, similar to the extortion tactics used in the general ransomware of attack WannaCry in May.
Security experts said they believed the aim was to disrupt computer systems in Ukraine, not extortion, claiming that the attack uses powerful cleaning software that made it impossible to recover lost data.
“It was a disguised ransomware broom. They do not intend to get money against the attack,” said Tom Kellermann, CEO of Ciber Ventures, strategic.
The malware appears to use code known as the “eternal blue” that was developed by the US National Security Agency.
Eternal Blue was part of a stolen toolkit from the NSA piracy and was leaked on the Internet in April by a group called Shadow Runners, which security researchers believe is related to the Russian government.
This attack has been pointed out by NSA critics who say the agency puts the public at risk by keeping information about software vulnerabilities secret so it can be used in cyber operations.
The United States representative, Ted location, a Democrat, on Wednesday asked the NSA to immediately reveal any information he might have in eternal blue that would help to stop the attacks.
“If the NSA has a killer switch to this new malware attack, the NSA must implement it now,” Lugar said in a letter to NSA director Mike Rogers.
The NSA did not respond to a request for comment and has not publicly acknowledged that it has developed hacking tools made known by Shadow Brokers.
The target of the campaign looked like Ukraine, an enemy of Russia, that underwent two cyber attacks in its electrical network that attributed to Moscow.
ESET, a Slovakian cyber security software company, said that 80 percent of infections detected among its global customers were in Ukraine, followed by Italy with 10 percent.
Ukraine has repeatedly accused Moscow of organizing cyber attacks on its computer networks and infrastructure since Russia annexed Crimea in 2014.
The Kremlin has denied the charges, said on Wednesday it had no information on the source of the attack, which also affected Russian companies, including oil company Rosneft (ROSN.MM) and a steel mill.