Massive Petya Ransomware Attack Cripples European IT Systems, Seeks Global Infestation
Kiev’s Borispol airport has also come under attack according to a Facebook posting, and the city’s metro system has seen its payment infrastructure infiltrated. However, the official Twitter account for the Ukraine was decidedly upbeat about the outbreak, breaking the tension with a little bit of humor:
Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts to tackle the issue 👌 pic.twitter.com/RsDnwZD5Oj
— Ukraine / Україна (@Ukraine) June 27, 2017
Danish shipping and energy company Maersk has also been hit, and provided the following message via its website:
We can confirm that Maersk IT systems are down across multiple sites and business units due to a cyber attack. We continue to assess the situation. The safety of our employees, our operations and customer's business is our top priority. We will update when we have more information.
Other reports of ransomware attacks have been reported across Russia and in the United Kingdom. Even the United States hasn’t escaped the wrap of the ransomware, as global law firm DLA Piper reports that its computers and phone systems have been down for most of the day.
Posted by the Deputy Prime Minister of #Ukraine, Pavlo Rozenko,
— Christian Borys (@ItsBorys) June 27, 2017
This is what's happening to government computers right now. pic.twitter.com/SxCudRt0AD
So far, researchers are indicating that this latest ransomware is a variant of Petrwrap/Petya and is demanding that that victims hand over $300 worth of Bitcoin to recover their data.
Current situation of Petrwrap/wowsmith123456 ransomware - percentage of infections by country. pic.twitter.com/Q42WPlBlja
— Costin Raiu (@craiu) June 27, 2017
Costin Raiu, the Director of Global Research for Kaspersky Labs, reports that the ransomware has hit the Ukraine the hardest, with the Russian Federation coming in second. Poland is third place (so far), followed by Italy and Germany. However, the infections are starting to pick up steam across the globe.
Although some are quickly pointing finger at Russia for this attack (even though Russian oil company Rosnoft was targeted), it’s too early to determine where the software originated.