“Massive Cyberattack” Spreads Across Europe, Hits Ukraine, Russia, UK, Denmark

Originally appeared at ZeroHedge

Update 3: Germany’s Merck also confirms it has been affected by the cyberattack:

* * *

Update 2: RUSSIAN CENBANK SAYS AS A RESULT OF ATTACKS THERE HAVE BEEN ISOLATED CASES WHERE IT SYSTEMS INFECTED

* * *

Update: in addition to the below listed companies, all of which appear to have been targeted in the global cyberattack including Russia’s Rosneft and metals giant Evraz, Danish shipper Maersk, UK ad company WPP, the Ukraine central bank, government and airport, more targets are emerging including Norway’s national security authority which has said that a Ransomeware attack is ongoing in Norway “similar to the attack on Maersk”, while Russia’s Home Credit Bank said all domestic branches are closed because of the cyber attack.

As the Spectator adds, companies in Spain are also now affected by the cyberattack which appears to be a modification of the “WannaCry” virus, and has been named “Petya.”

A Moscow-based cyber security firm, Group-IB, said it appeared to be a coordinated attack simultaneously targeting victims in Russia and Ukraine, according to Reuters.

* * *

Now that CNN is officially out of the “Russia hacking” fake news business, the Ukraine has decided to fill in the void, and moments ago Ukraine’s Deputy Prime Minister Pavlo Rozenko said that the government’s computer network was down, in what he claimed was a “massive cyberattack”, one which has also impacted the central bank, power plant and airport, and promptly blamed Russia for being behind the attack without a shred of evidence. To “prove” the accusation, he posted a picture on Twitter of a computer screen showing an error message.

“We also have a network ‘down’,” he wrote. “This image is being displayed by all computers of the government.” The photo showed his PC displaying a message claiming a disk “contains errors and needs to be prepared”, urging the user not to turn it off.

According to local press, numerous Ukrainian institutions were hit by a wave of cyber attacks earlier in the day, including banks, the state energy distributor and Kiev’s main airport. “We also have a network ‘down’,” Rozenko said on Facebook.

Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies.

According to Bloomberg, Kievenergo, a Ukrainian utility, switched off all computers after the hack, while another power company, Ukrenergo, was also affected, though “not seriously,” the Interfax news service reported. Ukrainian airports and railways are operating as usual, according to the Russian news service.

Ukrainian delivery network Nova Poshta halted service to clients after its network was infected, the company said on Facebook. Ukraine’s Central Bank warned on its website that several banks had been targeted by hackers.

After the attack, Ukraine quickly went for the empathy points, tweeting a meme from its official Twitter account.

“Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts to tackle the issue,” the account tweeted. Attached was an infamous “this is fine” gif.

* * *

So who’s to blame? Why Russia of course.

Speaking to Interfax,the advisor to the Interior Minister of Ukraine, MP Anton Gerashchenko said that “a huge cyber-attack at Ukrainian companies on Tuesday has been organized by Russian intelligence services and it is one of the elements of the hybrid war against Ukraine,

“The intrusion is the biggest in Ukraine’s history,” Gerashchenko wrote on Facebook. The goal was “the destabilization of the economic situation and in the civic consciousness of Ukraine,” though it was “disguised as an extortion attempt,” he said.

“A huge cyber-attack has been started against Ukraine. It was done under the disguise that it is allegedly a virus… According to the preliminary information, this is an organized system, a kind of training by the Russian intelligence services. The attack aims at banks, media and transport communications,” he said on 112.Ukraine TV Channel on Tuesday.

One wonders if that preliminary information came from the same FBI that incorrectly claimed the Qatar hack was organized by Russia, when Qatar itself later blamed the “blockade” countries as being behind it.

Gerashchenko said that the virus reached computers during several days and even weeks via getting mails. “Today, at 11:00 [the computers] that were affected by the virus in advance were activated. Thus, this is another example of using cyber-attacks in the hybrid war against our country,” he said.

“I think that soon officers of the SBU, the cyber security department of the National Police will unveil the ways how this virus reached the targets and they propose the options to tackle the problem,” he said.

* * *

Meanwhile, the fall out in Ukraine, which claimed the cyberattacks are a modified version of the “WannaCry” virus, has been extensive with Ukrainian state-run aircraft manufacturer Antonov among the companies reportedly hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies. The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected  along with financial firms.

“As a result of cyber attacks, these banks have difficulties with customer service and banking operations,” a statement said.

“The National Bank bank is confident that the banking infrastructure’s defense against cyber fraud is properly set up and attempted cyber attacks on banks’ IT systems will be neutralised.”

Oschadbank, one of Ukraine’s largest state-owned lenders, said some of its services had been affected by a “hacking attack” but guaranteed that customer data was safe.

Computers and departure boards at Boryspil International Airport in Kiev – the largest in Ukraine – were also down. “The official site of the airport and the scoreboard with the schedule of flights aren’t working!” the airport’s acting director, Pavel Ryabikin, wrote on Facebook.

"Massive Cyberattack" Spreads Across Europe, Hits Ukraine, Russia, UK, Denmark

* * *

It wasn’t just Ukraine however. As The Independent writes, Danish shipping giant Maersk said its IT systems were down across “multiple sites and
businesses due to a cyber attack”, although it was unclear whether it
was related to the situation in Ukraine. The congolmerate is the largest container shipping
company in the world and also operates in the oil and gas sectors.

Russia’s Rosneft, a government-owned oil firm, also said it was targeted by a “massive hacker attack” on its servers, as was steel maker
Evraz. “The cyber attack could lead to serious consequences, however, due to
the fact that the Company has switched to a reserve control system,
neither oil production nor preparation processes were stopped,” a
statement from Rosneft said.

British advertising company WPP also said several units were affected by a suspected cyber attack.

Or, as Reuters summarizes:

  • SWISS GOV’T AGENCY SAYS UKRAINE, RUSSIA, ENGLAND AND INDIA ARE MOST AFFECTED BY VIRUS, NO INDICATION THAT SWISS COMPANIES AFFECTED
  • SWISS GOV’T AGENCY SAYS THERE ARE INDICATIONS THAT PETYA RANSOMWARE VIRUS IS CIRCULATING AGAIN

It was not clear how and why Russian hackers would be able to hack the entire world, Russia included, but that probably does not matter: Ukraine has blamed Russia for repeated cyber attacks targeting
crucial infrastructure during the past three years, including one on its
power grid that left part of western Ukraine temporarily without
electricity in December 2015. Today was just a continuation, and after all the world still demand Russia hacking narratives.

Subscribe
Notify of
guest
55 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
jade villaceran

In soviet russia, russia blame russia

Alex Black

I got hit by a nasty malware attack yesterday, fortunately a logic bomb prevented serious damage. Exploit used mac messenger to transfer infected code onto target machines.

PZIVJ

You mean the worm that Solomon sent you?

Alex Black

Wasn’t sent, it was burrowed through several layers of VPN, antivirus, and a physical firewall. Identity of the attacker was not confirmed on my end.

Alex Black

possibly, but it wont happen again ;)

Alex Black

I do think it is interesting that this article comes out the day after the attack on my network. And solomon is either a paid contributor or watched by people with access to sophisticated exploits. Same is likely true of More, and fake pseudonazis who attempt to delegitimize analysis and content here and on other information sources by linking it to zionism and other propaganda.

PZIVJ

I’ll leave my home computer off today.
I don’t care about my work computer :DDDD

Alex Black

I was able to fix the exploit by changing permission on the messenger app. I think it is how the exploit that affects my network was able to spread.

Solomon Krupacek

your batyushka putinn sent worm :DDDD

Solomon Krupacek

you are also insane :D

PZIVJ

We where just discussing whether the virus you infected Alex’s network with and this big mess in Europe had any connection. I mean, you do live there right?

Solomon Krupacek

and how COULD I INFECT his network???

Solomon Krupacek

guys, i considered you both for more intelligent

Solomon Krupacek

you insane :DDD

Concrete Mike

I dont think its Solomon, most likely whoever is Watching him.

Either that or you watched some bad porn LOL, happenes to all of us hehehe.

Alex Black

I unblocked mr. Solomon for lack of proof.

Alex Black

The problem with the porn theory is that the attack came across imessage, and due to the unique configuration of my system failed, as it created a logic bomb leading the partition to collapse upon itself. In retrospect, solomon likely lacks the skills for such a sophisticated move.

Concrete Mike

It was more à joke than anything… I apoligize, this attack must have been infuriating to you, so you Said imessage….so someone or something sent à fishy txt message to you?

Alex Black

no, the app started sucking up bandwidth and then attempted to create 4 files. The files then attempted to access various system processes and crashed due to the fact that the attacker mistakenly believed they were attacking a 2013 iMac. The exploit, caused the affected system to crash(i do not believe this was the goal), had to restore from backup. It was infuriating. My unsubstantiated claim against Solomon was unwarranted. I submitted the 4 files to my antivirus provider. Hopefully they are able to solve the exploits and cost the attackers a lot of money.

Concrete Mike

Fascinating, thank you for explaining it to a Guy that only knows rocks.

FlorianGeyer

How did you manage to take a photo of Solomon ? He rarely gets to go out much these days.

PZIVJ

He was spotted near the Israeli Embassy receiving a package. Then he quickly scurried away.

FlorianGeyer

Ah, I see. He always did like bagels I am told. His stomach is said to be bagel shaped as well.

Concrete Mike

LOLOLOL

Real Anti-Racist Action

I am sure Israel is putting together some ‘secret’ intelligence report gathered by some ‘anonymous’ field sources to send the ‘fact’ finding report to the UK and USSA that it was Russia behind everything ha ha ha
Below is Kaspersky’s site of FREE tools to help remove any viruses.
Also includes an automatic UPDATER tool for any and all software on your PC for maximum protection.
Go check out the website everyone for your on safety.
http://free.kaspersky.com/us

chris chuba

NSA originated Malware = Russian Cyber warfare.

On are more serious note, is Russia transitioning away from Windows towards something more secure like Linux? I know that Macs are expensive. Fun fact, Mac OS was built on top of Free BSD. They tried to build their own OS scheduler but dropped it because they realized it was a waste of resources.

Real Anti-Racist Action

Russian company Kaspersky launches ‘secure operating system’ — with no trace of Linux or Windows.
https://os.kaspersky.com/

Pave Way IV

“…No need to panic, we’re putting utmost efforts to tackle the issue…”

Zaporizhzhya Nuclear Power Plant – Europe’s largest – says nothing to worry about – none of the six reactors have melted down (as far as they can tell). Oh, but you can’t email the plant or see their web site: http://www.npp.zp.ua/ Err… down for maintenance, I guess. What could possibly go wrong?

https://uploads.disquscdn.com/images/1668c97a92fad57e67eebeaf3e00389a04ca42c099dc383453f070d8b500a863.jpg .

Michael Drysdale

all those were told to update their software according to microsoft

MeMadMax

NEVER run win10, rollback to 7 if you can…

MeMadMax

I work tier1 support for a large anti virus company.
Don’t run Edge, and don’t run Win10. If you can, rollback to Win7.
Good luck out there.

Manuel Chrut

You “sound” more biased than factual. Could you be more specific as to why people should avoid Windows 10?

MeMadMax

No. You won’t listen to me anyways, you think you are top shit.

Manuel Chrut

Should this arrogant comment somehow prove your previous claim? You haven’t specified a single piece of information, why should anyone believe any of what you wrote? I work in IT, too, and not as some support.

From what I can quickly find about the topic, Windows 10 seems more secure that Windows 7.
https://betanews.com/2016/11/24/windows-10-security-emet/
https://forums.anandtech.com/threads/thus-far-is-windows-10-more-or-less-secure-than-windows-7-64-bit.2485746/

MeMadMax

Umm… your first link says Windows 10 is less secure than Windows 7… Right on the freakin title…

Case Closed.

Manuel Chrut

The title is a click-bait, look at the comparison table:
Win10 + EMET > Win 7 + EMET > Win10 > Win7

So obviously it’s best to install EMET regardless of which Windows version you are using, but disregarding that (with or without EMET), Windows 10 supports more security features than Windows 7.

MeMadMax

Dude, are you serious? Nobody installs that shit except for admins in-the-know.
Out of the box, win10 is a serious security hole… our in house shit proves it, our customers prove it, former MS employees prove it, researchers prove it, and when you try to third party plug the holes, MS REMOVES that shit… And now, MS is well on it’s way to if you try to third party it will render windows useless… WTF? Are you serious? Anyways, your loyalty to MS and Win10 is yours and I don’t really give a shit. Have fun.

Solomon Krupacek

upper i wrote the defense against this worm. it was published officially.

of course, this worm again attacks older OS. win10 always automatically freshes the patches. can be only delayed by user, not blocked.

John Mason

Cortana is a liability on Win10 for starters. Win7 Pro you use Group Policy, Firewall to protect your PC.

Manuel Chrut

Cortana can be turned off as well as many other privacy concerns. I believe Microsoft already reacted to the complains about this issue.

“Win7 Pro you use Group Policy, Firewall to protect your PC.”
It’s all also in Windows 10.

John Mason

Cortana can not be turned off and to use Group Policy you must have Win 7/10 Pro or higher, Cortana will run in the background.

Manuel Chrut

I see a lot of guides about how to disable Cortana completely or to stop it from gathering data. If it doesn’t gather any data, what’s the problem?

Besides, would this (privacy concern) really be a reason to rollback to older operating system?

John Mason

Cortana is not a utility program but imbedded into the kernel, you can stop its’ basic functions but it still accesses the net, it leaves a foot print that can be traced. Windows Home has no group policy where you can prevent certain functions. All Windows report to MS, the only way around that is not to use it on the net.

Solomon Krupacek

stupidity. win 7 is more vulnerable

John Mason

Has NSA written all over it, spreading chaos globally then the US comes to the rescue. Fairytale.

chris chuba

As much as I loathe our criminal foreign policy establishment, I think it went down like this.
1. NSA originates Malware (old news, totally irresponsible, I noted the MSM’s lack of interest in our culpability on my facebook page only to hear screaming crickets)

2. Real criminals take advantage of the hack.

3. Many countries outside the U.S. still use the older version of Windows vulnerable to the malware for various legitimate reasons. The people in my country are asses for blaming the victim.

4. Yeah, the virus probably does hit Ukraine harder because the Russians took more active measures to protect their computers mo’s ago that the Ukrainians didn’t benefit from because of the blessings of Maidan.

John Mason

NSA uses another party to distribute the viruses. Years ago you had the ‘White and Black Hat hackers’ who worked with the US intelligence services on a pretext to confirm security on Unix/Windows systems.

Solomon Krupacek

so friends, there is the easy way against this virus

create in notepad file called perfc.dat

make it only read

copy in windows root folder

thats all.

Concrete Mike

I know nothing about this shit, I know rocks, so explain to à dummy like me what this notepad file does? What on it?

Im very suspicious…

Solomon Krupacek

it was published on intiviral portal. the worm will read this .dat file, and because is only read, will not do changes. so, you save your computer. but can widespread from you to others.