Computers in Ukrainian banks, the biggest oil company in Russia as well as multinational firms were disrupted by a major cyber attack that made use of a virus that is similar to ransomware employed last month to infect over 300,000 computers. The ransomware contained code that is believed to have been stolen from the National Security Agency and which was also used during the ‘WannaCry’ cyberattack last month.
The cyber extortion campaign which is rapidly spreading has underscored the fact that businesses may not be doing enough to ensure that their networks are secure from hackers who are becoming increasingly aggressive and who have proven capable of causing disruptions to critical infrastructure.
“Cyber attacks can simply destroy us. Companies are just not doing what they are supposed to do to fix the problem,” Kevin Johnson, the chief executive officer of cyber security company Secure Ideas said.
The computers which were crippled by the ransonware virus were running on the Windows operating system. After overwriting files and encrypting hard drives, the hackers demanded a ransom of $300 to be paid in bitcoins before they could restore access for the affected users. According to information obtained from a public ledger of bitcoin transactions, over 30 victims paid the ransom.
Microsoft, the maker of the operating system being targeted by the ransomware, indicated that spreading of the virus could happen via a flaw which was patched earlier in the year in an update.
The two countries which suffered the most were Ukraine and Russia as per information obtained from Kaspersky Lab, a maker of security software. Other victims were spread in other countries such as the United States, Poland, Italy, Germany, France and Britain.
Though information on the specific number of attacks could not be obtained, security experts are of the view that the impact will be smaller compared to the WannaCry cyberattack. This is because more computers have since then been patched with the update from Windows.
After the WannaCry attack industrial groups, security companies and governments aggressively urged consumers and corporate entities to ensure that all their computing infrastructure was patched with the Microsoft updates as a protective measure against future threats. The attack could, however, pose more danger than the regular ransomware strains since this one makes computers to become unresponsive as well as unable to reboot.
Some of the corporations that have emerged as victims of the attack include shipping firm Maersk, oil firm Rosneft and aircraft maker Antonov.