New Ransomware Attack Takes Down Big CE, PR Companies
A new cyberattack, like WannaCry which bought down the Victorian Traffic Camera system, has hit WPP the owner of several PR Companies such as Ogilvy PR, Burson-Marsteller, Hill & Knowlton, these are agencies who work with major consumer electronics and appliance Companies in Australia.
Local operations of American food company Mondelez, including the Cadbury factory in Hobart, have been affected by a global IT outage, along with local staff of law firm DLA Piper.
As of 7.00am Eastern time this morning all WPP global sites were down.
The ransomware is spreading from Europe to the U.S to Australia, it’s already hit port operators in New York and Rotterdam, disrupting government systems in Kiev, and disabling operations such as WPP who own extensive marketing businesses in Australia including Singleton, Ogilvy & Mather and Young & Rubican.
Employees at WPP agencies in Europe have been told to turn off their computers and not use WIFI, according to a person familiar with the matter.
Sea Containers, the London building that houses WPP and agencies including Ogilvy & Mather, has been shut down, another person said. “IT systems in several WPP companies have been affected,” the company said in emailed statement.
A.P. Moller-Maersk, operator of the world’s largest container line that often ships consumer electronics and appliances to Australia, said its customers can’t use online booking tools and its internal systems are down. The attack is affecting multiple sites.
The attack follows the global ransomware assault involving the WannaCry ransomware that affected hundreds of thousands of computers in more than 150 countries as extortionists demanded $300 in bitcoin from victims. Several sites in Australia were affected.
Ransomware attacks have been soaring and the number of such incidents increased by 50 percent in 2016, according to Trend Micro.
Analysts at Symantec, have said the new ransomware, called Petya, uses an exploit called EternalBlue to spread, much like WannaCry. EternalBlue works on vulnerabilities in Microsoft Corp.’s Windows operating system.
The new ransomware has a fake Microsoft digital signature appended to it and the attack is spreading to many countries, Costin Raiu, director of the global research and analysis team at Moscow-based Kaspersky Lab, said on Twitter.