By Adrian M. Reodique
June 28, 2017
[Update on 30 June 2017, 4.30 pm (GMT +08:00) Latest findings from Kaspersky Lab and Comae Technologies suggest that this new malware is a wiper disguising as ransomware. More on that here: Wiper, not ransomware, behind recent cyberattacks, security experts say]
A new ransomware attack that first spread across Europe and United States has reportedly reach some parts of the Asia Pacific (APAC) region.
Bloomberg reported this morning that a terminal operated by A.P. Moller-Maersk at Jawaharlal Nehru Port Trust in India has been attacked by the new ransomware. As its computer systems were infected, the terminal was not able to load or unload because it could not identify the owners of the shipments, said Neeta Prasad, spokeswoman of India's shipping ministry.
"We can confirm that on Tuesday (27 June 2016), A.P. Moller-Maersk was hit as part of a global cyber-attack named Petya, affecting multiple sites and select business units. We are responding to the situation to contain and limit the impact and uphold operations," Maersk said in a tweet today.
In Australia, the Cadbury Factory in Tasmania reported that it was hit by the ransomware. In a Reuters' article today, Australian Manufacturing and Workers Union State Secretary John Short said the factory paused its production after its computer systems went down.
Mondelēz International Inc., the owner of Cadbury, issued a media statement yesterday about the IT outage but did not elaborate its cause. The company was also unable to determine when the systems will be restored.
"We will continue to work quickly to address the current global IT outage across Mondelēz International and to contain any further exposure to our network. Our teams are working offline in an effort to maintain business continuity with our customers and consumers around the world. We will share updates with our suppliers and partners as they become available," the company said.
Kaspersky Lab's telemetry data showed that around 2,000 users worldwide have been hit by the new ransomware. Organisations in Russia and Ukraine were found to be most affected by the malware.
So far, no government agencies or private companies in the Philippines has reported falling prey to the new ransomware, Allan Cabanlong, assistant secretary for Cybersecurity and Enabling Technologies at the Department of Information and Communications Technology (DICT), told Computerworld Philippines.
Similarly, the Singapore Computer Emergency Response Team (SingCERT) said it has not received any reports on the new ransomware infection. It added that none of Singapore's 11 Critical Information Infrastructure (CIIs) sectors nor any government systems are affected by the ransomware.