Rotterdam Port, TNT hit in new ransomware attack

By Janene Pieters on Wednesday, 28 June 2017 - 08:29
Hacker_-_Hacking_-_Symbol
Cybercrime file imageRendering: www.elbpresse.de / Christoph ScholzFlickr / Wikimedia CommonsCC-BY-SA

Countless computers across the world were infected with ransomware in a new global cyber attack. In the Netherlands the malware hit the APM container terminal in the port of Rotterdam, pharmaceutical MSD and package carrier TNT. There is no sense in paying the ransom, cyber security experts warn, broadcaster NOS reports.

According to the broadcaster, APM's parent company Maersk is facing problems worldwide today. The extent to which MSD is affected is unknown. TNT also would not comment on the consequences of the attack. But an employee told NOS that they are having massive problems. "Drivers no longer get jobs and booms won't open", the employee said. 

Ransomware blocks access to files on infected computers. Owners are then instructed to pay a sum of money - a ransom - to regain access to their files. This form of the virus makes the infected computers completely inaccessible, according to NOS. There is no sense in paying the ransom - victims are instructed to send proof of payment to an email address, but the provider took the address offline. Which means that no messages will be received. According to NU.nl, the ransomware used in this attack is called Petya

Several cyber security firms in the Netherlands also report that their clients were affected. Fox-IT knows of at least two customers hit in this attack. Their customers are panicking, according to the company."Companies find that one computer is infected and turn off their entire network", Ronald Prince of Fox-IT said. Consulting firm EY told NOS that at least four customers are facing major problems. "There are organizations that have to send their employees home", said Douwe Mik of EY.  Security company Dearbytes would not give exact numbers but did say that businesses were infected with the ransomware. 

The Dutch police implemented "precautionary measures" against a cyber attack that left some of the functionalities on the police website unavailable. These measures likely have to do with this ransomware attack.

The Ukraine seems to be the primary target of the attack. About 60 percent of the infections are in the Ukraine, and according to computer security company ESET, the attack started in the country. Ransomware infected the networks of the Ukrainian government, banks, energy companies and the Kiev airport. 

Companies in Russia, the United Kingdom, France, India and Poland were also infected. 

According to NOS, this virus is similar to the WannaCry virus that caused worldwide havoc in May, but is a different virus. It spreads very quickly and uses the same security issue to infect computers. Exactly what ransomware is involved is still unclear. 

Tags: