Security

A New Rash of Cyberattacks Take Europe

The Petya ransomware attack is taking advantage of the same vulnerabilities as WannaCry.

Juliet is the senior web editor for StateTech and HealthTech magazines. In her six years as a journalist she has covered everything from aerospace to indie music reviews — but she is unfailingly partial to covering technology.

A widespread ransomware assault, similar to the WannaCry attack that just a few weeks ago, hit Europe on Tuesday, targeting government and key infrastructure, the Washington Post reports.

Deputy Head of the Presidential Administration @dshymkiv instructed the team to help IT teams of other governmental institutions pic.twitter.com/iQw33ZJO7X

— The Bankova (@TheBankova) June 27, 2017

Ukraine was the first to report the hacking incidents, dubbed Petya, saying the attacks had targeted “government ministries, banks, utilities and other important infrastructure and companies nationwide,” the source reports, as well as airport departure tables. The ransomware is demanding cryptocurrency bitcoin payment from government employees before it will release encrypted data.

The attack is continuing to spread, with Russian oil company Rosneft and Danish transport and energy company Maersk reporting their systems are down due to cyberattacks.

We can confirm that Maersk IT systems are down across multiple sites and business units. We are currently assessing the situation.

— Maersk (@Maersk) June 27, 2017

The spreading mechanism is still unknown, but analysts at Symantec have reported that the ransomware is likely using EternalBlue, the same exploit used in the WannaCry attacks that takes advantage of a weakness in Microsoft’s server message block.

Symantec analysts have confirmed #Petya #ransomware, like #WannaCry, is using #EternalBlue exploit to spread

— Security Response (@threatintel) June 27, 2017

The issue has been patched, but customers need to apply the patch in order to keep their systems safe.