▲ Up
 
20:43 26-07-2017
АКИpress CA-News Tazabek Turmush
ADVERTISE WITH US SUBSCRIBE
KazakhstanKyrgyzstanMongoliaTajikistanTurkmenistanUzbekistanWorld
POLITICSBUSINESSINCIDENTSSOCIETYCULTURESPORTANALYSISSCIENCE
Petya cyber attack: Ransomware virus hits computer servers across globe
11:06, 28 June 2017, 1022
Image: Public Domain
Twitterfacebookprint

AKIPRESS.COM - A ransomware attack has struck across the globe, taking out servers at Russia's biggest oil company and shutting down computers at multinational businesses.

The malicious software locks up computer files with all-but-unbreakable encryption and then demands a ransom in the virtual currency bitcoin for its release.

Many organizations in Europe and the US have been crippled by a ransomware attack dubbed “Petya”. 

It’s the second major global ransomware attack in the last two months.

In early May, Britain’s National Health Service (NHS) was among the organizations infected by WannaCry, which used a vulnerability first revealed to the public as part of a leaked stash of NSA-related documents released online in April by a hacker group calling itself the Shadow Brokers.

The WannaCry or WannaCrypt ransomware attack affected more than 230,000 computers in over 150 countries, with the UK’s national health service, Spanish phone company Telefónica and German state railways among those hardest hit.

Like WannaCry, Petya spreads rapidly through networks that use Microsoft Windows, The Guardian reported.

What is ransomware?

Ransomware is a type of malware that blocks access to a computer or its data and demands money to release it.

How does it work?

When a computer is infected, the ransomware encrypts important documents and files and then demands a ransom, typically in Bitcoin, for a digital key needed to unlock the files. If victims don’t have a recent back-up of the files they must either pay the ransom or face losing all of their files.

How does the Petya ransomware work?

The Petya ransomware takes over computers and demands $300, paid in Bitcoin. The malicious software spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows (Microsoft has released a patch, but not everyone will have installed it) or through two Windows administrative tools. The malware tries one option and if it doesn’t work, it tries the next one. “It has a better mechanism for spreading itself than WannaCry”, said Ryan Kalember from cybersecurity company Proofpoint.

Where did it start?

The attack appears to have been seeded through a software update mechanism built into an accounting program that companies working with the Ukrainian government need to use, according to the Ukrainian Cyber Police. This explains why so many Ukrainian organizations were affected, including government, banks, state power utilities and Kiev’s airport and metro system. The radiation monitoring system at Chernobyl was also taken offline, forcing employees to use hand-held counters to measure levels at the former nuclear plant’s exclusion zone.

How far has it spread?

The “Petya” ransomware has caused serious disruption at large firms in Europe and the US, including the advertising firm WPP, French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft. The food company Mondelez, legal firm DLA Piper, Danish shipping and transport firm AP Moller-Maersk and Heritage Valley Health System, which runs hospitals and care facilities in Pittsburgh, also said their systems had been hit by the malware.


Full access to all news articles in English

1 month2000 somsubscribe
year20000 somsubscribe
These subscription fees are for private individuals only. Please contact us via phone +996 (312) 900-776 or email info@akipress.org for corporate subscription inquiries
Twitterfacebookprint
LATEST NEWS
17:23 'Turnover between Kyrgyzstan and Kazakhstan amounted to $339.3 mln in January-May' - Minister of Economy17:21 EU to open Delegation to Mongolia17:16 US moves one step closer to imposing fresh Russia sanctions17:14 Atambayev signs ratification of $20 mln loan from Saudi Fund for Development for North-South Road rehabilitation17:12 Kyrgyzstan ratifies agreement with Georgian on avoidance of double taxation16:57 Men who wanted give a ride to 24yo Polish woman in Issyk-Kul tell their versions of what happened16:55 11 civil servants from Kyrgyzstan to attend graduate school in South Korea16:52 Kyrgyzmani gains 4th place at Asian Weightlifting Championship in Nepal16:14 France wildfires force mass evacuation16:08 Chairperson of Yakutia's State Assembly presented to Kyrgyz Academy of Sciences works of Kyrgyz authors translated into Yakut16:05 Election Commission recommends Tekebayev to appeal to court for a permission to Kyrgyz language test that presidential candidates must pass16:05 Special bricks used in construction of Burana tower found during excavations in Naryn15:50 Indian PM Modi invites Mongolia's Battulga to visit India15:49 Eyewitness tells court about robbing Bakiyevs' properties with help of Ata-Meken MPs15:45 Kyzylorda region plans to export meat to Russia15:26 Mass bull die off reported in Jalal-Abad pasture15:24 MFA of Kyrgyzstan, French Senators discuss upcoming elections in Kyrgyzstan15:15 EU court backs migrant deportations by Austria, Slovenia15:06 John Malkovich arrives in Astana15:02 Government approves draft protocol on requirements for exporting horses to China
© AKIpress News Agency - 2001-2017. All rights reserved
Republication of any material is prohibited without a written agreement with AKIpress News Agency. Any citation must be accompanied by a hyperlink to akipress.com.
Our address:
Moskovskaya str. 189, Bishkek, the Kyrgyz Republic
e-mail: english@akipress.org, akipressenglish@gmail.com;
Tel/Fax: +996(312)90-07-75