Ukraine deputy prime minister says government computer network down

ESET, an anti-virus vendor based in Bratislava, said 80 percent of all infections from the new attack detected among its global customer base were in Ukraine, with Italy second hardest hit at around 10 percent.Earlier in the day, the State Security Service of Ukraine said that a number of the country’s government agencies and private companies were affected by the ransomware attack.Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies. Some analysts were calling the new form of ransomware Petya. “This image is being displayed by all computers of the government”, he said.Russia’s biggest oil company, Ukrainian banks and multinational firms were among those hit on Tuesday by the cyber extortion campaign, which has underscored growing concerns that businesses have failed to secure their networks from increasingly aggressive hackers.The world is still recovering from a previous outbreak of ransomware, called WannaCry or WannaCrypt, which spread rapidly using digital break-in tools originally created by the U.S. National Security Agency and recently leaked to the web. Multinationals, including the global law firm DLA Piper and Danish shipping giant A.P. Moller-Maersk, were also affected.”A massive ransomware campaign is now unfolding worldwide”, said Romanian cybersecurity company Bitdefender. Microsoft issued a security fix in March, but Chris Wysopal, chief technology officer at the security firm Veracode, warned that would only be effective if 100 percent of computers on a company’s network were patched, saying that if one computer were infected, the malware could use a backup mechanism to spread to patched computers as well.”It’s like somebody sneezing into a train full of people”, Botezatu said. “It’s somewhat contained to the organizations that were connected to each other”, he said. It demanded $300 in Bitcoin. In a telephone interview, Bitdefender analyst Bogdan Botezatu said that he had examined samples of the program and that it appeared to be almost identical to GoldenEye, one of a family of hostage-taking programs that has been circulating for months. It overwrites a computer’s master boot record, making it tougher to restore even a machine that has been backed up, Kalember said. In a lengthy statement posted to Facebook, MEDoc acknowledged having been hacked.Emails sent Tuesday to an address posted to the bottom of ransom demands went unreturned. The company added that it was in contact with German authorities “to make sure that we react properly”.