Cyber attack hits Asia: chocolate factory and container port operators among victims

The latest ransomware virus, named ‘Petya’, has crippled computers running Microsoft Windows by encrypting hard drives and overwriting files, then demanding US$300 in bitcoin to restore access

PUBLISHED : Wednesday, 28 June, 2017, 12:18pm
UPDATED : Wednesday, 28 June, 2017, 6:58pm

A new cyber attack similar to WannaCry has reached Asia after spreading from Europe to the US overnight, hitting businesses, port operators and government systems.

The Jawaharlal Nehru Port Trust, the facility near Mumbai which is operated by A.P. Moller-Maersk and is India’s largest container operation, was affected, according to a report by the Press Trust of India.

One of the three terminals is now at a standstill because the computer systems were disabled. The attack is being carried out by the Petya virus, with users being told to pay US$300 in cryptocurrency per infected computer to unlock their systems.

The spread of the attack across the globe and into Asia underscores how ransomware is becoming a routine risk of doing business. While banks and retailers have strengthened their defences against certain types of attacks, such as those aimed at stealing credit card data, many other enterprises are still catching up in guarding against ransomware.

About 2,000 users had been attacked as of midday Tuesday in North America, according to Kaspersky Lab analysts, with organisations in Russia and the Ukraine the most affected.

Watch: new cyberattack causes mass disruption globally

A Cadbury chocolate factory has also become the first Australian business to be hit by the, a trade union official said, underscoring the rapid spread of the latest ransomware extortion campaign.

Production at the Cadbury factory on the island state of Tasmania ground to a halt late on Tuesday after computer systems went down, said Australian Manufacturing and Workers Union state secretary John Short.

Factory workers “weren’t sure what it was but, as the night’s gone on, they’ve realised there’s been some significant attacks around the world”, Short said.

Australian staff of global law firm DLA Piper Ltd were quoted telling domestic media they were shut out of their computer systems because of the attack. DLA Piper said in a statement it was hit by a suspected malware attack and that it was “taking steps to remedy the issue”.

Australian Cyber Security Minister Dan Tehan said the attack, a month after the similar WannaCry attack, was “a wake-up call to all Australian businesses to regularly back up their data and install the latest security patches”.

The hack quickly spread from Russia and the Ukraine, through Europe and into the U.S. A.P. Moller-Maersk said its customers can’t use online booking tools and its internal systems are down. The attack is affecting multiple sites and units, which include a major port operator and an oil and gas producer, spokeswoman Concepcion Boo Arias said.

APM Terminals, owned by Maersk, is experiencing system issues at multiple terminals, including the Port of New York and New Jersey, the largest port on the US East Coast, and Rotterdam in The Netherlands, Europe’s largest harbour.

APM Terminals at the Port of New York and New Jersey will be closed for the rest of the day “due to the extent of the system impact,” the Port said.

The new virus has a fake Microsoft digital signature appended to it and the attack is spreading to many countries, Costin Raiu, director of the global research and analysis team at Moscow-based Kaspersky Lab, said on Twitter.

The attack has hit Ukraine particularly hard. The intrusion is “the biggest in Ukraine’s history,” Anton Gerashchenko, an aide to the Interior Ministry, wrote on Facebook.

The goal was “the destabilisation of the economic situation and in the civic consciousness of Ukraine,” though it was “disguised as an extortion attempt,” he said.

Bloomberg, Reuters