“Massive Cyberattack” Spreads Across Europe, Hits Ukraine, Russia, UK, Denmark
Posted by Tyler Durden on June 27, 2017 4:30 pm
Tags: Computer network security, Computer security, Cryptography, Cyberattack, cyberattacks, Cybercrime, Cyberspace, cyberwarfare, December 2015 Ukraine power grid cyberattack, europe, fake news, FBI, Federal Bureau of Investigation, gif, Government, India, Modern history of Ukraine, National Bank of Ukraine, national police, national security, Norway, Organization of Ukrainian Nationalists, Pavlo Rozenko, Politics of Ukraine, Ransomware, Reuters, Russian intelligence, Security, Security engineering, social engineering, Technology, Twitter, ukraine, Ukraine central bank, Ukraine’s Central Bank, Viktor Gerashchenko, WannaCry ransomware attack, Western Ukraine
Categories: Computer network security Computer security Cryptography cyberattack Cyberattacks Cybercrime Cyberspace cyberwarfare December 2015 Ukraine power grid cyberattack Economy europe fake news FBI Federal Bureau of Investigation gif Government India Modern history of Ukraine National Bank of Ukraine national police national security Norway Organization of Ukrainian Nationalists Pavlo Rozenko Politics of Ukraine Ransomware Reuters Russian intelligence Security Security engineering social engineering Technology Twitter Ukraine Ukraine central bank Ukraine’s Central Bank Viktor Gerashchenko WannaCry ransomware attack Western Ukraine
Update 3: Germany’s Merck also confirms it has been affected by the cyberattack:
We confirm our company’s computer network was compromised today as part of global hack. Other organizations have also been affected (1 of 2)
— Merck (@Merck) June 27, 2017
We are investigating the matter and will provide additional information as we learn more. (2 of 2)
— Merck (@Merck) June 27, 2017
* * *
Update 2: RUSSIAN CENBANK SAYS AS A RESULT OF ATTACKS THERE HAVE BEEN ISOLATED CASES WHERE IT SYSTEMS INFECTED
* * *
Update: in addition to the below listed companies, all of which appear to have been targeted in the global cyberattack including Russia’s Rosneft and metals giant Evraz, Danish shipper Maersk, UK ad company WPP, the Ukraine central bank, government and airport, more targets are emerging including Norway’s national security authority which has said that a Ransomeware attack is ongoing in Norway “similar to the attack on Maersk”, while Russia’s Home Credit Bank said all domestic branches are closed because of the cyber attack.
As the Spectator adds, companies in Spain are also now affected by the cyberattack which appears to be a modification of the “WannaCry” virus, and has been named “Petya.”
A Moscow-based cyber security firm, Group-IB, said it appeared to be a coordinated attack simultaneously targeting victims in Russia and Ukraine, according to Reuters.
* * *
Now that CNN is officially out of the “Russia hacking” fake news business, the Ukraine has decided to fill in the void, and moments ago Ukraine’s Deputy Prime Minister Pavlo Rozenko said that the government’s computer network was down, in what he claimed was a “massive cyberattack”, one which has also impacted the central bank, power plant and airport, and promptly blamed Russia for being behind the attack without a shred of evidence. To “prove” the accusation, he posted a picture on Twitter of a computer screen showing an error message.
“We also have a network ‘down’,” he wrote. “This image is being displayed by all computers of the government.” The photo showed his PC displaying a message claiming a disk “contains errors and needs to be prepared”, urging the user not to turn it off.
??-???! ??????????? ??? ?? ???? ??? “????????”. ?????? ??????. pic.twitter.com/J2yoPPe37n
— Rozenko Pavlo (@RozenkoPavlo) June 27, 2017
According to local press, numerous Ukrainian institutions were hit by a wave of cyber attacks earlier in the day, including banks, the state energy distributor and Kiev’s main airport. “We also have a network ‘down’,” Rozenko said on Facebook.
Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies.
According to Bloomberg, Kievenergo, a Ukrainian utility, switched off all computers after the hack, while another power company, Ukrenergo, was also affected, though “not seriously,” the Interfax news service reported. Ukrainian airports and railways are operating as usual, according to the Russian news service.
Ukrainian delivery network Nova Poshta halted service to clients after its network was infected, the company said on Facebook. Ukraine’s Central Bank warned on its website that several banks had been targeted by hackers.
After the attack, Ukraine quickly went for the empathy points, tweeting a meme from its official Twitter account.
“Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts to tackle the issue,” the account tweeted. Attached was an infamous “this is fine” gif.
Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts to tackle the issue ???? pic.twitter.com/RsDnwZD5Oj
— Ukraine / ??????? (@Ukraine) June 27, 2017
* * *
So who’s to blame? Why Russia of course.
Speaking to Interfax,the advisor to the Interior Minister of Ukraine, MP Anton Gerashchenko said that “a huge cyber-attack at Ukrainian companies on Tuesday has been organized by Russian intelligence services and it is one of the elements of the hybrid war against Ukraine,
“The intrusion is the biggest in Ukraine’s history,” Gerashchenko wrote on Facebook. The goal was “the destabilization of the economic situation and in the civic consciousness of Ukraine,” though it was “disguised as an extortion attempt,” he said.
“A huge cyber-attack has been started against Ukraine. It was done under the disguise that it is allegedly a virus… According to the preliminary information, this is an organized system, a kind of training by the Russian intelligence services. The attack aims at banks, media and transport communications,” he said on 112.Ukraine TV Channel on Tuesday.
One wonders if that preliminary information came from the same FBI that incorrectly claimed the Qatar hack was organized by Russia, when Qatar itself later blamed the “blockade” countries as being behind it.
Gerashchenko said that the virus reached computers during several days and even weeks via getting mails. “Today, at 11:00 [the computers] that were affected by the virus in advance were activated. Thus, this is another example of using cyber-attacks in the hybrid war against our country,” he said.
“I think that soon officers of the SBU, the cyber security department of the National Police will unveil the ways how this virus reached the targets and they propose the options to tackle the problem,” he said.
* * *
Meanwhile, the fall out in Ukraine, which claimed the cyberattacks are a modified version of the “WannaCry” virus, has been extensive with Ukrainian state-run aircraft manufacturer Antonov among the companies reportedly hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies. The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected along with financial firms.
“As a result of cyber attacks, these banks have difficulties with customer service and banking operations,” a statement said.
“The National Bank bank is confident that the banking infrastructure’s defense against cyber fraud is properly set up and attempted cyber attacks on banks’ IT systems will be neutralised.”
Oschadbank, one of Ukraine’s largest state-owned lenders, said some of its services had been affected by a “hacking attack” but guaranteed that customer data was safe.
Computers and departure boards at Boryspil International Airport in Kiev – the largest in Ukraine – were also down. “The official site of the airport and the scoreboard with the schedule of flights aren’t working!” the airport’s acting director, Pavel Ryabikin, wrote on Facebook.
* * *
It wasn’t just Ukraine however. As The Independent writes, Danish shipping giant Maersk said its IT systems were down across “multiple sites and
businesses due to a cyber attack”, although it was unclear whether it
was related to the situation in Ukraine. The congolmerate is the largest container shipping
company in the world and also operates in the oil and gas sectors.
Russia’s Rosneft, a government-owned oil firm, also said it was targeted by a “massive hacker attack” on its servers, as was steel maker
Evraz. “The cyber attack could lead to serious consequences, however, due to
the fact that the Company has switched to a reserve control system,
neither oil production nor preparation processes were stopped,” a
statement from Rosneft said.
British advertising company WPP also said several units were affected by a suspected cyber attack.
Or, as Reuters summarizes:
- SWISS GOV’T AGENCY SAYS UKRAINE, RUSSIA, ENGLAND AND INDIA ARE MOST AFFECTED BY VIRUS, NO INDICATION THAT SWISS COMPANIES AFFECTED
- SWISS GOV’T AGENCY SAYS THERE ARE INDICATIONS THAT PETYA RANSOMWARE VIRUS IS CIRCULATING AGAIN
It was not clear how and why Russian hackers would be able to hack the entire world, Russia included, but that probably does not matter: Ukraine has blamed Russia for repeated cyber attacks targeting
crucial infrastructure during the past three years, including one on its
power grid that left part of western Ukraine temporarily without
electricity in December 2015. Today was just a continuation, and after all the world still demand Russia hacking narratives.