Cyberattacks Hit Major Companies Across Globe Experts said the attacks, which hit Merck, Rosneft and others, appeared to be ransomware By Robert McMillan, David Gauthier-Villars and James Marson

https://www.wsj.com/articles/cyberattacks-hit-global-companies-in-europe-1498575793?mod=nwsrl_middle_east_news

Cyberattacks wreaked havoc across Europe and the U.S. on Tuesday in a confidence-shaking attack that appeared to stem in part from an obscure Ukrainian tax software product.

The virus, whose victims included major global companies from Merck MRK -0.58% & Co. to PAO Rosneft , bore similarities to last month’s global ransomware attack but was in some ways more insidious, security experts say.

The attack, which security experts dubbed Petya, exposed fresh weakness in the computer systems that run modern-day societies as the virus rapidly spread unimpeded across Ukraine, Russia and other European and U.S. locations.

Researchers were still investigating late on Tuesday the source of the outbreak, which locked digital files and demanded payment for them to be returned at more than 100 companies and institutions.

But two companies investigating the outbreak say that a software update from Kiev-based Intellekt Servis was a principal—and inadvertent—source. The company described itself as a victim of Tuesday’s attack, saying the virus had disrupted its own operations. It said that when it released its latest software on June 22 it didn’t contain any virus.

Some experts disagreed with that assessment. The software was pushed out to customers five days ago and then quietly spread within corporate networks before being triggered on Tuesday, said Craig Williams, security outreach manager with Cisco Systems Inc., a networking hardware company, Kaspersky Lab ZAO, an antivirus company, also cited Intellekt Servis as a main source of the outbreak but saw no evidence of triggering mechanism.

The cyber security department of Ukraine’s national police warned on its Facebook page that preliminary analysis suggested the accounting software was “only one of the vectors of the attack.” The Russian security firm Group-IB agreed, saying it saw companies infected via malicious email attachments. CONTINUE AT SITE

Comments are closed.