Hackers Strike Across Europe, Sparking Widespread Disruption

Merck has global locations including in Ukraine, where a new and highly virulent outbreak of malicious data-scrambling software causing mass disruption across Europe appeared to be hitting especially hard. In the United States, the malware affected companies such as the drugmaker Merck and Mondelez International, the owner of food brands such as Oreo and Nabisco. In April, a programmer developed a method to decrypt machines infected with the malware, though it’s unclear whether the procedure will work on the new iteration of Petya.The government press service said Petya hit “personal computers” of some individuals but not government servers.Company and government officials reported serious intrusions at the Ukrainian power grid, banks and government offices, where one senior official posted a photo of a darkened computer screen and the words “the whole network is down”. Ukrainian Railways and the communications company Ukrtelecom were among major enterprises hit, Infrastructure Minister Volodymyr Omelyan said in a Facebook post.However, the radiation monitoring system at Ukraine’s Chernobyl nuclear disaster site was taken offline.Beyond Ukraine and Russian Federation, the wave of cyberattacks also impacted Maersk, a global cargo shipping company and Saint-Gobain, a French company producing construction materials and British-based WPP.Within hours of the first attack, the U.S. Department of Homeland Security said it was monitoring reports of cyber attacks around the world and coordinating with other countries. It listed Poland, Italy and Germany, in that order, as the next-worst affected. A Wellsville, Ohio, woman at one of its hospitals to have her gallbladder removed said she noticed computer monitors off and nurses scurrying around with stacks of paperwork.On the heels of the WannaCry ransomware attacks last month, a second massive ransomware outbreak on Tuesday is once again putting the dangers of ransomware front and center on a global basis. Both spread using digital lock picks originally created by the NSA and later published to the web by a still-mysterious group known as the Shadowbrokers.According to Interfax-Ukraine, Ukrposhta, Ukrtelecom, the KLO gas station network also fell victim to the virus. Self-spreading software, often described as “worms”, are particularly feared because they can spread rapidly, like a contagious disease. “It’s like somebody sneezing into a train full of people”, he said.Reports of attacks spread quickly on Tuesday afternoon.Up to 30 percent of the total number of cyberattacks on Russian electronic infrastructure originate from the United States, Federation Council global committee chairman Konstantin Kosachev said Tuesday at a meeting of the upper house’s commission on protection of state sovereignty. In a telephone interview, Bitdefender analyst Bogdan Botezatu said that he had examined samples of the program and that it appeared to be almost identical to GoldenEye, one of a family of hostage-taking programs that has been circulating for months. It demanded $300 in Bitcoin. It said a rogue update seeded the infection across Ukraine. Ukranian officials confirmed the MeDoc link.The motives of those behind the malware remain unknown. State assets were peppered by hack attacks late a year ago, which followed a cyber assault in 2015 that caused a blackout in part of the country as the electric grid was hacked.But in the wake of today’s globe-spanning infections, Posteo announced today that all account access to the “wowsmith” address have been blocked, making it impossible for the group to read or respond to any messages sent to the address. The company added that it was in contact with German authorities “to make sure that we react properly”.Bajak reported from Dallas.