Home » USA News
Reading News for You: Cyber attack sweeps globe, researchers see 'WannaCry' link
Tuesday, June 27, 2017
VietPress USA (June 27th, 2017): If you see the above screen, it means that youyr computer got the Virus attack throughout the globe today. Please read this news on Yahoo News at: https://www.yahoo.com/tech/cyber-attack-hits-oil-giant-banks-russia-ukraine-144918663--finance.html
VietPress USA
oOo
Cyber attack sweeps globe, researchers see 'WannaCry' link
Reuters By
Jack Stubbs, Pavel Polityuk and Dustin Volz,Reuters•June 27, 2017
Ransomware attack
strikes major company in the U.S.
By Jack Stubbs, Pavel Polityuk and Dustin Volz
MOSCOW/KIEV/WASHINGTON (Reuters) - A major global cyber
attack on Tuesday disrupted computers at Russia's biggest oil company,
Ukrainian banks and multinational firms with a virus similar to the ransomware
that last month infected more than 300,000 computers.
The rapidly spreading cyber extortion campaign underscored
growing concerns that businesses have failed to secure their networks from
increasingly aggressive hackers, who have shown they are capable of shutting
down critical infrastructure and crippling corporate and government networks.
It included code known as "Eternal Blue," which
cyber security experts widely believe was stolen from the U.S. National
Security Agency (NSA) and was also used in last month's ransomware attack,
named "WannaCry."
"Cyber attacks can simply destroy us," said Kevin
Johnson, chief executive of cyber security firm Secure Ideas. "Companies
are just not doing what they are supposed to do to fix the problem."
The ransomware virus crippled computers running Microsoft
Corp's Windows by encrypting hard drives and overwriting files, then demanded
$300 in bitcoin payments to restore access. More than 30 victims paid into the
bitcoin account associated with the attack, according to a public ledger of
transactions listed on blockchain.info.
Microsoft said the virus could spread through a flaw that
was patched in a security update in March.
"We are continuing to investigate and will take
appropriate action to protect customers," a spokesman for the company
said, adding that Microsoft antivirus software detects and removes it.
Russia and Ukraine were most affected by the thousands of
attacks, according to security software maker Kaspersky Lab, with other victims
spread across countries including Britain, France, Germany, Italy, Poland and
the United States. The total number of attacks was unknown.
Security experts said they expected the impact to be smaller
than WannaCry since many computers had been patched with Windows updates in the
wake of WannaCry last month to protect them against attacks using Eternal Blue
code.
Still, the attack could be more dangerous than traditional
strains of ransomware because it makes computers unresponsive and unable to
reboot, Juniper Networks said in a blog post analyzing the attack.
Researchers said the attack may have borrowed malware code
used in earlier ransomware campaigns known as "Petya" and
"GoldenEye."
Following last month's attack, governments, security firms
and industrial groups aggressively advised businesses and consumers to make
sure all their computers were updated with Microsoft patches to defend against
the threat.
The U.S. Department of Homeland Security said it was
monitoring the attacks and coordinating with other countries. It advised
victims not to pay the extortion, saying that doing so does not guarantee
access will be restored.
In a statement, the White House National Security Council
said there was currently no risk to public safety. The United States was
investigating the attack and determined to hold those responsible accountable,
it said.
The NSA did not respond to a request for comment. The spy
agency has not publicly said whether it built Eternal Blue and other hacking
tools leaked online by an entity known as Shadow Brokers.
Several private security experts have said they believe
Shadow Brokers is tied to the Russian government, and that the North Korean
government was behind WannaCry. Both countries' governments deny charges they
are involved in hacking.
'DON'T WASTE YOUR TIME'
The first attacks were reported from Russia and Ukraine.
Russia's Rosneft , one of the world's biggest crude
producers by volume, said its systems had suffered "serious
consequences," but added oil production had not been affected because it
switched over to backup systems.
Ukrainian Deputy Prime Minister Pavlo Rozenko said the
government's computer network went down and the central bank reported
disruption to operations at banks and firms including the state power
distributor.
Danish shipping giant A.P. Moller-Maersk said it was among
the victims, reporting outages at facilities including its Los Angeles
terminal.
WPP , the world's largest advertising agency, said it was
also infected. A WPP employee who asked not to be named said that workers were
told to shut down their computers: "The building has come to a
standstill."
A Ukrainian media company said its computers were blocked
and it was asked to pay $300 in the crypto-currency bitcoin to regain access.
"Perhaps you are busy looking for a way to recover your
files, but don't waste your time. Nobody can recover your files without our
decryption service," the message said, according to a screenshot posted on
Ukraine's Channel 24.
Russia's central bank said there were isolated cases of
lenders' IT systems being infected. One consumer lender, Home Credit, had to
suspend client operations.
Other companies that identified themselves as victims
included French construction materials firm Saint Gobain , U.S. drugmaker Merck
& Co and Mars Inc's Royal Canin pet food business.
India-based employees at Beiersdorf, makers of Nivea skin
care products, and Reckitt Benckiser , which owns Enfamil and Lysol, told
Reuters the ransomware attack had impacted some of their systems in the
country.
Western Pennsylvania's Heritage Valley Health System's
entire network was shut down by a cyber attack on Tuesday, according to local
media reports.
Last's month's fast-spreading WannaCry ransomware attack was
crippled after a 22-year-old British security researcher Marcus Hutchins
created a so-called "kill switch" that experts hailed as the decisive
step in slowing the attack.
Security experts said they did not believe that the ransomware released on Tuesday had a kill switch, meaning that it might be harder to stop.
Ukraine's cyber police said on Twitter that a vulnerability
in software used by MEDoc, a Ukrainian accounting firm, may have been an
initial source of the virus, which researchers including cyber intelligence
firm Flashpoint said could have infected victims via an illegitimate software
update.
In a Facebook post, MEDoc confirmed it had been hacked but
denied responsibility for originating the attack.
An adviser to Ukraine's interior minister said earlier in
the day that the virus got into computer systems via "phishing"
emails written in Russian and Ukrainian designed to lure employees into opening
them.
According to the state security agency, the emails contained
infected Word documents or PDF files as attachments.
(Reporting by European bureaux, Dustin Volz in Washinton,
Abhirup Roy in Mumbai; writing by Christian Lowe and Jim Finkle; editing by
Bill Rigby and Tom Brown)
www.Vietpressusa.us