Another cyber attack has been made on some of the biggest organizations in the world, namely British advertising firm WPP, U.S. pharmaceuticals company Merck, global container shipping outfit A.P. Moller-Maersk, among other entities.
The attack was made on government computer systems in Ukraine, as well as across other countries right up to the U.S., with a demand for Bitcoin ransom.
Similar to WannaCry
The attack is being compared to the previous ransomware outbreak, WannaCry, which impacted more than 150 countries when it spread in May.
The latest cyber attack was made on ATMs, computers and even supermarket checkout systems, all of which were debilitated.
As a result, it was not possible to access those computer systems.
They displayed a message demanding a $300 ransom, to be paid in Bitcoins.
The attackers’ Bitcoin accounts have, however, been identified.
Security experts state that victims have already paid around 20 ransom payments.
According to the Atlantic Council Cyber Statecraft Initiative, the latest cyber attack virus is more dangerous than WannaCry.
The attacks could continue for several months if the virus is not detected and killed.
However, some security analysts claim that the recent cyber attack has made use of the same flaw that was used in the WannaCry attacks.
The recent cyber attack is smaller in scale when compared to WannaCry, but many organizations are wondering if they could have done more to protect themselves.
For example, they could have upgraded their security features after the WannaCry attack.
INTERPOL is monitoring the cyber attack scene very closely.
The U.S. computer emergency team has advised individuals and organizations against paying the ransom.
This is because there is no assurance that they will regain access to their systems, even after the ransom is paid.
Attack on Ukrainian Systems
Cybercrime units in Ukraine have identified the conduit used for making the attack.
According to the crime police of Ukraine, the virus that infiltrated Ukraine company computer systems was done through domestic accounting software, called ME doc.
However, this is not the only way in which the cyber attack was being conducted.
It has also been spread through campaigns involving phishing of emails.
Beginning in Ukraine
The latest cyber attack seems to have been first made in Ukraine.
It then went on to cripple thousands of computer systems all over the world.
It has resulted in the disruption of ports everywhere, from Mumbai in India to Los Angeles in the U.S.
It has even managed to completely put a stop to production in an Australian chocolate factory.
According to ESET, a company based in Slovakia, 80 percent of the infection was spread in systems in Ukraine.
Italy comes next, making up 10 percent of infections.
Accusations Pointed at Russia
Ukraine is the center of the cyber attacks this time.
The country has accused Russia of being the location of origin for the ransomware, but the Kremlin has denied all such allegations.
Russia claims to have no knowledge of the origin of this cyber attack.
In fact, the ransomware has also spread to Russian entities, namely the oil company Rosneft.
Such blanket accusations are not going to solve the problem of cyber attacks, according to a spokesperson from the Kremlin.
While it’s unclear who is behind this attack, it is also difficult to measure the extent of the impact on computer systems across the world.
The attack has caused global collateral damage, and it’s a very sophisticated malware that makes use of several hacking tools taken from the U.S. National Security Agency.
The Shadow Brokers hacking group leaked the tools online in April this year.
The malicious codes in this cyber attack locked down the affected computer systems and made a demand of $300 to be paid in Bitcoins.
The ransomware threatened the victims that they would lose all their data if they did not comply.
The tactic is similar to the ransomware attack made in May by WannaCry.
While analyzing the motives of the cyber attack, security experts are wondering whether all of this has to do with money or something else.
Experts claim that the amount demanded is too small.
It could mean that the hackers were more interested in disrupting and destroying systems rather than merely expecting financial gains.