The new cyber attack with ransomware - as malware is known to "hijack" data or files from a computer in exchange for a monetary rescue - has affected large European companies since yesterday, from banks to oil companies, airports and food companies, and expanded until arriving to Argentina and especially to our region, affecting the operation of the Cofco factory complexes, the Asian holding company.

The news about this new wave of computer attacks began arriving in the morning of yesterday from Russia and the Ukraine, to which Spanish, French companies and an important company of Denmark later joined, whose denunciations agreed in which it was a ransomware that it demanded the payment of the equivalent in bitcoins to 300 dollars to release the infected files.

"If you see this text, then your files are no longer accessible because they have been encrypted. Maybe you're busy looking for a way to recover your files, but do not waste your time. No one can retrieve their files without our decryption service, "says the message he noted on a number of computers still undetermined.

"From what we've been seeing, (infections in different countries) are related to the same ransomware family," Discounter, "a family very similar to" Petya, "which encrypts the machine's boot sector and then encrypts the archives, "Camilo Gutiérrez Amaya, head of the ESET Latin America Research Laboratory, told Telam.

Although the novelty of the attack the information available ESET is limited, "as it is spreading, it looks like WannaCry", the ransomware that in early May affected hundreds of thousands of computers around the world, and shares with this "worm characteristics: it spreads to other machines within the network", explained the specialist.

"The first analyzes show that the files that (the ransomware) encrypt are few compared to other threats. But they are .doc, .xls, .zip files and others in which the users usually store important information, which makes it harmful for companies, "he said.

Among those affected by the attack is Rosneft, Russia's leading oil producer and one of the largest in the world, which confirmed through its Twitter account that "the company's servers suffered a severe hacking attack".

"The hacking attack could have serious consequences, but (...) neither oil production nor refining have stopped," he added.
The metal sector giant, Evraz, was also affected, the Russian news agency RIA reported.

However, the largest number of victims are being detected in Ukraine, according to the researcher Costin Raiu, from the cybersecurity firm Kaspersky, who said that 60 percent of the victims are there.

In this country, the director of the Boryspyl airport, Yevhen Dykhne, maintained that the air terminal had also been hit by a cyber attack: "In relation to the irregular situation, some delays in flights are possible," he warned in his account. Facebook, according to Reuters.

Ukrainian Deputy Prime Minister Pavlo Rozenko said the government's computer network was also attacked and posted on Twitter a screenshot with the message of extortion.

For its part, another of the companies affected is the shipping company Moller-Maersk, the main industrial group in Denmark, which confirmed the failure of the computer systems of many of its business units.

In Spain, according to the newspaper El Confidencial, several multinationals were forced to paralyze their offices, such as the food company Mondelez (owner of brands such as Oreo) and the law firm DLA Piper, one of the largest law firms in the world.

Although the origin of the infection is unknown, the Russian cybersecurity firm Group IB reported that those responsible for the attack exploited a development of the National Security Agency of the United States (NSA) that had been leaked and then exploited in the WannaCry.

The Asian holding company Cofco is also counted among the victims of the mega attack, confirmed to SL24 company sources that the company's operations are still paralyzed.

For its part, the National Cryptological Center of Spain reported that this ransomware, like WannaCry, affects Windows systems, and warned victims that paying for the ransom demanded "does not guarantee that attackers send the utility and / or password deciphered, only rewards their campaign and motivates them to continue distributing this type of harmful code en masse ".

Bibliography:

The ports of Nidera and Cofco are still stopped by international hacker attack