'Petya' Cyberattack Cripples Ukraine, And Experts Say It's Spreading Globally


Computers and departure boards at Boryspil International Airport in Kiev - the largest in Ukraine - were also affected. And law firm DLA Piper said it had taken down its systems in response to "a serious global cyber incident".

Kaspersky said its threat tracking tools have already detected more than 2,000 users that have been affected by the ransomware. "Other organisations have also been affected".

"It seems to be done by professionals criminals, and I think money is the motivation", said Sean Sullivan, a researcher at the Finnish cybersecurity group F-Secure.

"Even post WannaCry attack, with our experience we can say that over 50 per cent of Windows systems are still not patched across India".

Ukrainian Prime Minister Volodymyr Groysman wrote on Facebook that the attacks in his country were "unprecedented" but insisted that "important systems were not affected".

He said that a radiation leak was avoided due to "excess levels of control" at the plant but staff have had to manually monitor radiation levels, because they can't access the metrics on their computers.

Another massive ransomware attack has broken out in Ukraine and appears to be spreading across the world in a similar vein of the WannaCry cyber attack.

Group IB said the ransomware infects and locks a computer, and then demands a $300 ransom to be paid in Bitcoins.

Tweeted on 27 June by Maxim Eristavi, a fellow at Atlantic Council - and sourced from Twitter user Mikhail Golub - the picture shows bewildered shoppers looking on in confusion as every single computer terminal clearly displayed the ransomware demand.

Ukraine appears to have been particularly hard hit, with the country's government reporting that some of its systems, as well as those of key institutions including banks and telecom providers, had been affected.

"As a result of these cyber attacks these banks are having difficulties with client services and carrying out banking operations", the central bank said in a statement.

Russian state oil giant Rosneft said earlier that its servers suffered a "powerful" cyberattack but thanks to its backup system "the production and extraction of oil were not stopped".

"Organizations in Russian Federation and the Ukraine are the most affected, and we have also registered hits in Poland, Italy, the UK, Germany, France, the United States and several other countries", Kaspersky said in a statement.

The US Department of Homeland Security said it was monitoring reports of cyber attacks around the world and coordinating with other countries.

"Our global special situations management team is in place, and they are working to resolve the situation as quickly as possible", the company said in a statement.

Some cases of European companies with offices in the United States or based in the USA hit by the widespread attack were also reported.

In the U.S, a hospital in western Pennsylvania said it was dealing with a "widespread" cyberattack, but didn't immediately release further details.

The plant's destroyed reactor was enclosed in a huge metal structure past year in a bid to stop radiation leaks at the site, where more than 200 tonnes of uranium remain.