A widespread ransomware assault, similar to the WannaCry attack that just a few weeks ago, hit Europe on Tuesday, targeting government and key infrastructure, the Washington Post reports.
— The Bankova (@TheBankova) June 27, 2017
Ukraine was the first to report the hacking incidents, dubbed Petya, saying the attacks had targeted “government ministries, banks, utilities and other important infrastructure and companies nationwide,” the source reports, as well as airport departure tables. The ransomware is demanding cryptocurrency bitcoin payment from government employees before it will release encrypted data.
The attack is continuing to spread, with Russian oil company Rosneft and Danish transport and energy company Maersk reporting their systems are down due to cyberattacks.
We can confirm that Maersk IT systems are down across multiple sites and business units. We are currently assessing the situation.
— Maersk (@Maersk) June 27, 2017
The spreading mechanism is still unknown, but analysts at Symantec have reported that the ransomware is likely using EternalBlue, the same exploit used in the WannaCry attacks that takes advantage of a weakness in Microsoft’s server message block.
— Security Response (@threatintel) June 27, 2017
The issue has been patched, but customers need to apply the patch in order to keep their systems safe.