Accessibility links

Breaking News

Europol: Tuesday’s Worldwide Cyberattack ‘More Sophisticated’ Than Previous Hacks


Customers queue in 'Rost' supermarket in Kharkiv, Ukraine, June 27, 2017 in this picture obtained from social media.
Customers queue in 'Rost' supermarket in Kharkiv, Ukraine, June 27, 2017 in this picture obtained from social media.

A cyber-attack Tuesday that hit companies across the world is similar to a ransomware attack last month that targeted hospitals in Britain, although the most recent hack was potentially “more sophisticated,” according to the European police agency.

Europol director Rob Wainwright called the hack “another serious ransomware attack.” He said it bore resemblances to the previous "WannaCry" hack, but also showed indications of a "more sophisticated attack capability intended to exploit a range of vulnerabilities."

A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, May 15, 2017.
A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, May 15, 2017.

The WannaCry hack sent a wave of crippling ransomware to hospitals across Britain in May, causing the hospitals to divert ambulances and cancel surgeries. Researchers eventually found a way to thwart the hack, but only after around 300 people had already paid the ransom.

The cyberattack Tuesday caused disruptions at companies in 64 different countries, including America's Merck pharmaceutical company, Russia's Rosneft oil giant, British advertising agency WPP and French industrial group Saint-Gobain.

It also disrupted operations Wednesday at India's largest container port, adding to the headaches of governments and businesses affected by so-called ransomware code that takes a user's data hostage until the victim agrees to pay for its release.

The problems at Jawaharlal Nehru Port in Mumbai involved a terminal run by Danish shipping outfit A.P. Moller-Maersk.

Trucks carrying containers wait to enter the Jawaharlal Nehru Port Trust (JNPT) on the outskirts of Mumbai, India, June 28, 2017.
Trucks carrying containers wait to enter the Jawaharlal Nehru Port Trust (JNPT) on the outskirts of Mumbai, India, June 28, 2017.


From Europe to US

The company had said Tuesday as the attack was spreading largely in Europe and the United States that the malicious code was affecting terminals "in a number of ports."

Australia's Cyber Security Minister Dan Tehan told reporters Wednesday that officials have not yet confirmed the same computer virus was responsible for ransomware attacks on two Australian companies, but that "all indications would point to" that being the case.

Banks, government offices and airports in Ukraine were among the first to report the cyberattack.

A U.S. National Security Council spokesman said the Department of Homeland Security, the FBI and other agencies are "working with public and private, domestic and international partners to respond to this event and provide technical information for prevention and remediation."

"Individuals and organizations are discouraged from paying the ransom as this does not guarantee access will be restored," the spokesman added.

Europol's European Cybercrime Center has told anyone affected by Tuesday's attack to report the crime to national police, and encouraged them not to pay any ransom requested by hackers.

Eternal Blue

The computer virus used in the attack includes code known as Eternal Blue, a tool developed by the NSA that exploited Microsoft's Windows operating system and which was published on the internet in April by a group called Shadowbrokers. Microsoft released a patch in March to protect systems from that vulnerability.

Tim Rawlins, director of the Britain-based cybersecurity consultancy NCC Group, says these attacks continue to happen because people have not been keeping up with effectively patching their computers.

"This is a repeat WannaCry type of outbreak and it really comes down to the fact that people are not focusing on what they should be focusing on, the very simple premise of patching your systems," Rawlins told VOA.

Jeff Seldin and Victor Beattie contributed to this report.

WATCH: What is ransomware?

What Is Ransomware?
please wait
Embed

No media source currently available

0:00 0:01:02 0:00

  • 16x9 Image

    VOA News

    The Voice of America provides news and information in more than 40 languages to an estimated weekly audience of over 326 million people. Stories with the VOA News byline are the work of multiple VOA journalists and may contain information from wire service reports.

XS
SM
MD
LG