Many Firms Hit by Global Cyber Attacks - Petrwrap


Firms around the globe are reporting that they have been hit by a major cyber-attack. Some experts have suggested that it could be a ransomware attack, similar to Wannacry which hit last month. Alan Woodward, a computer scientist at Surrey University, said: "It appears to be a variant of a piece of ransomware that emerged last year.

More on this story via the BBC.
10

Expert Comment

by:Daniella Barion
It happened again. Were people better prepared this time?
0
LVL 7

Expert Comment

by:Brian Matis
Given last week's $1 million payout, no surprise that new attacks are flaring up...
0
LVL 20

Expert Comment

by:Lucas Bishop
Given last week's $1 million payout, no surprise that new attacks are flaring up

The ransomware that targeted the hosting provider (Nayana) in South Korea was a finely targeted money grab. Bringing down a large web host and then negotiating payment is the perfect example of utilizing ransomware for monetary gain. However, that (imo) is a different ballgame.

The Wannacry and now KindaPetya are attempts to create economic losses and cripple national infrastructure. They aren't in it for the ransom. I'd be surprised if the bitcoin ever moves out of the receiving wallets.
1
LVL 20

Expert Comment

by:Andrew Leniart
Why can't these slimy criminals be traced down and dealt with once and for all?!? I just don't get it.  

Even when using BitCoin, somewhere there is an Internet provider who has a log of which IP accessed a bitcoin wallet and where that computer was at the time the access occurred. Why can't organizations like the FBI and Interpol force providers to supply those records for inspection in cases like this? And yes I know you can hide your identity and location with the use of multiple vpn's, but the same reasoning applies. Somewhere, there has to be a log!  So many questions, so few answers.

This type of greedy attack on humanity isn't just an inconvenience, it's potentially costing lives when hospital records are being crippled. I truly hope there isn't a single ransom payment as a result of this latest attack .. but I suspect that's just me being naive. sigh..
2
LVL 20

Expert Comment

by:Lucas Bishop
Tor + chained VPN to anonymize the user.
Bitcoin mixer(s) to anonymize the bitcoins.
Bitcoin wallet address created anonymously, offline.

But none of the bitcoins have moved. So...

Tracking down the culprits won't happen by following the blockchain or Tor exit nodes or asking some VPN provider in Iceland for a log file that potentially doesn't even exist. It will happen through tracking the origin of the ransomware. And for any smart alecks out there, I don't mean track it allllll the way back to the NSA.
0

Author Comment

by:Drew Frey
I wanted to provide an update for everyone as this thread is becoming more and more popular.

As this relates to Webroot, we currently protect against this variant.

We first saw it hit Webroot’s radars at around 10 am UTC today in the US, but it has since been seen in a number of other countries including Ukraine, Japan, China, and the UK. Early analysis appears to show the ransomware looks to encrypt the Master Boot Record (MBR) on infected machines as well as the victim’s files, similar to the Petya ransomware seen last year. A large percentage of infected machines appear to be Windows 7 and 10, with the majority running the 64-bit OS.

More from David Kennerley, Director of Threat Research at Webroot, on our community.
2

Author Comment

by:Drew Frey
June27Cyberattack_Social_800x650psd-.jpg
UPDATE

A host of companies across industries have confirmed attacks today by a brutal wave of ransomware, including global law firm DLA Piper, U.S. pharmaceutical giant Merck, and the Danish shipping company Maersk. Although targets originally appeared in Ukraine—shutting down power plants, banking services and supermarkets—this latest cyberattack has quickly spanned critical economic sectors around the globe.

Webroot customers are protected against this variant. This cyberattack was first seen by our threat research team at roughly 10:00 a.m. UTC today.

More information on our blog here.
2
LVL 20

Expert Comment

by:Lucas Bishop
In the meantime, Ukraine Twitter social media account manager is handling this situation like a boss:
https://twitter.com/Ukraine/status/879706437169147906
5
LVL 12

Expert Comment

by:Experts Exchange
They have a sense of humor.
2
LVL 17

Expert Comment

by:Ajit Singh
The Petya ransomware has caused serious disruption at large firms. Ransomware attack continue to be a huge challenge for organizations with incidents reaching record highs. This article explains bit more about 'Petya' ransomware attack strikes companies across Europe and US.
 
Also check this this article to defense the ‘Petya’ Ransomware Attack.
0

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month