advertisement
A ransomware attack hit computers across the world on 27 June, taking out servers at Russia's biggest oil company, disrupting operations at Ukrainian banks, and shutting down computers at multinational shipping and advertising firms.
Cyber security experts said those behind the attack appeared to have exploited the same type of hacking tool used in the WannaCry ransomware attack that infected hundreds of thousands of computers in May before a British researcher created a kill-switch.
"It's like WannaCry all over again," said Mikko Hypponen, chief research officer with Helsinki-based cyber security firm F-Secure.
Operations at one of the three terminals of the India's largest container port, the Jawaharlal Nehru Port (JNPT) were impacted as a fallout of the attack.
AP Moller-Maersk, one of the affected entities globally, operates the Gateway Terminals India (GTI) at JNPT, which has a capacity to handle 1.8 million standard container units.
Fearing some clogging up of cargo, additional parking space is being made available, the official said, promising to help in any way that is possible.
Earlier India's cyber security agency had told Reuters that it is yet to receive any reports of a latest ransomware attack hitting computers, after a Swiss government agency identified India as one of the main victims.
Sanjay Bahl of the New Delhi-based Computer Emergency Response Team said he was monitoring the situation.
Spokespeople for top companies such as Amazon India, Infosys , Tata Consultancy Services, Flipkart and Ola said their systems were unaffected.
Hypponen said he expected the outbreak to spread in the Americas as workers turned on vulnerable machines, allowing the virus to attack. “This could hit the USA pretty bad,” he said.
The US Department of Homeland Security said it was monitoring reports of cyber attacks around the world and coordinating with other countries.
Within hours, the attack had gone global.
Danish shipping giant AP Moller-Maersk, which handles one out of seven containers shipped globally, said the attack had caused outages at its computer systems across the world on Tuesday, including at its terminal in Los Angeles.
Pharmaceutical company Merck & Co said its computer network had been affected by the global hack.
A Swiss government agency also reported computer systems were affected in India, though the country's cyber security agency said it had yet to receive any reports of attacks.
Reports said the Kiev metro system stopped accepting payment cards while several chains of petrol stations suspended operations. Ukraine's Deputy Prime Minister Pavlo Rozenko tweeted a picture of a computer screen showing an error message.
"We also have a network 'down'," Rozenko said on Facebook. "This image is being displayed by all computers of the government."
A ransomware cyber attack took place on Tuesday afternoon in Norway (local time) and affected an unnamed "international company", said the Nordic country's national security authority.
A ransomware attack encrypts one's email and computer and can only be unlocked if money is paid.
Germany's Metro said on Tuesday that its wholesale stores in the Ukraine were hit by a cyber attack and the retailer was assessing the impact.
It came as Russian oil giant Rosneft said its servers had suffered a "powerful" cyberattack.
Radiation Checks at Ukraine's Chernobyl Site Affected
Some radiation checks at the Chernobyl nuclear disaster site in Ukraine had to be carried out manually on Tuesday after a wave of cyber attacks that hit Ukrainian institutions affected operations there, a state agency said.
A representative of the agency told Reuters only the radiation checks on personnel entering and leaving the zone were done manually, while all other radiation monitoring was carried out as normal.
Russia's top oil producer Rosneft said a large-scale cyber attack hit its servers on Tuesday, with computer systems at some banks and the main airport in neighbouring Ukraine also disrupted.
It said it had no information that Swiss companies had been impacted, but said it was following the situation.
Seventeen shipping container terminals run by APM Terminals were hacked, including two in Rotterdam and 15 in other parts of the world, Dutch broadcaster RTV Rijnmond reported on Wednesday.
APM Terminals is a subsidiary of shipping giant Maersk , which has confirmed it is suffering from a cyber attack.
APM's website was difficult to reach and phones at its headquarters in The Hague and offices in Rotterdam went unanswered.
A spokeswoman for the company in Copenhagen confirmed its systems were "impacted" as part of Maersk's IT infrastructure.
The RTV report said computers were infected by ransomware that encrypted their hard drives. The broadcaster published an image of the screen of an affected machine with a message demanding a $300 payment.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)