Posts Tagged ‘cyber security’

Israeli leader in Argentina, lauds effort to solve 1994 Jewish center bombing

September 13, 2017

Image may contain: 2 people, suit

Argentine President Mauricio Macri gives Israeli Prime Minister Benjamin Netanyahu a box with hard drives containing all of Argentina’s government archives related to the Holocaust, during a ceremony at the Casa Rosada Presidential Palace in Buenos Aires Tuesday. | REUTERS

BUENOS AIRES (Reuters) – Benjamin Netanyahu on Tuesday used the first Latin America visit of a sitting Israeli prime minister to praise President Mauricio Macri’s effort to solve the bombing of a Buenos Aires Jewish center in 1994 that killed 85 people.

Argentine courts have blamed the attack on Iran. But no one has been brought to trial in either that case or the deadly 1992 bombing of the Israeli embassy in Buenos Aires. Iran denies playing a role in either attack.

“We know without a doubt that Iran and Hezbollah initiated and backed up the attacks,” Netanyahu told reporters. Hezbollah is an Islamist militant group based in Lebanon.

He praised fellow conservative Macri for jump-starting efforts to solve the crimes. Critics accuse previous Argentine leader Cristina Fernandez of trying to improve ties with Iran rather than focusing on bringing the bombers to justice.

“He strengthened Argentina’s position compared with what it was before. I honor his commitment and the integrity of his effort to determine what happened,” Netanyahu said.

Under Fernandez, the prosecutor probing the attack on the AMIA Jewish community center was found dead in January 2015, just hours before he was to appear in Congress to outline his accusation that Fernandez had tried to clear the way for a “grains for oil” deal with Iran by whitewashing Iran’s role in the truck bombing.

The prosecutor, Alberto Nisman, was discovered on the floor of his Buenos Aires apartment with a pistol by his side and a bullet in his head. The death was classified as a suicide, but Nisman’s family and friends dismissed that idea as absurd.

Opinion polls show most Argentines believe his death was a homicide.

Macri won the presidency and succeeded Fernandez in late 2015. He has since boosted ties with the United States and Israel while trying to attract the foreign investment he says is needed to stimulate an economy damaged by the inflationary policies and heavy currency controls of the Fernandez years.

Macri has met with Nisman’s family and says he has made a high priority of solving his death and the AMIA bombing.

Netanyahu and Macri are also “in ideological harmony” on issues like free trade, development and security, Israel’s ambassador to Argentina Ilan Sztulman told local radio.

Netanyahu is traveling with executives of 30 Israeli companies looking to increase trade with Latin America.

They include cyber security, irrigation and other agricultural technology firms that could help Argentina reinforce its position as the world’s top exporter of soymeal livestock feed and a major supplier of corn and raw soybeans.

After Argentina, Netanyahu will visit Colombia and Mexico before addressing the United Nations General Assembly on Sept. 19. The diplomatic flurry might take domestic attention off two corruption investigations centering on Netanyahu in Israel.

He was accompanied on the trip by his wife Sara Netanyahu. On Friday, Israel’s attorney general said he was considering indicting her on suspicion of using state funds for personal dining and catering services amounting to some $100,000.

Additional reporting by Eliana Raszewski in Buenos Aires and Jeffrey Heller in Jerusalem; Editing by Bernadette Baum and Howard Goller

Advertisements

Instagram Says Hack That Targeted Celebrities Was Wider Than Previously Thought

September 2, 2017

Theft of email addresses and phone numbers also affected regular users; company says no passwords were stolen

Image result for Instagram, cell phone app, photos

Sept. 1, 2017 7:40 p.m. ET

Social-media app Instagram said a hack it disclosed earlier this week affected a larger number of users than it previously detected.

Instagram, owned by Facebook Inc., FB 0.03% earlier this week said hackers stole email addresses and phone numbers—but not passwords—tied to some celebrity accounts.

On Friday, the photo- and video-sharing app said the theft affected regular users as well and wasn’t just “targeted at high-profile users.” Instagram reiterated that no passwords were stolen.

The contact information was stolen after hackers exploited a bug in Instagram’s software that the company says has since been patched up.

Instagram, which has 700 million monthly users, said it doesn’t know which specific accounts were affected and said a “low percentage” of its users were affected, without providing more specific figures.

Stolen email addresses and phone numbers aren’t as sensitive as passwords, because it typically takes a lot of work to gain control of a user’s phone number or email account without the help of a stolen password, cybersecurity experts say. Gaining access to somebody’s password could be more harmful.

The stolen data are being sold online, according to Instagram. Some information was up for sale for $10 through a database called Doxagram, which claimed to have some contact information for high-profile accounts including that of Facebook Chief Executive Mark Zuckerberg  and pop star Rihanna.

“Out of an abundance of caution, we encourage you to be vigilant about the security of your account, and exercise caution if you observe any suspicious activity such as unrecognized incoming calls, texts, or emails,” Instagram co-founder Mike Krieger said in a blog post.

Earlier this week, hackers reportedly pried into the account of singer Selena Gomez and posted nude photos of her ex-boyfriend, the pop star Justin Bieber.  An Instagram spokesman declined to say if Ms. Gomez was among those affected by the breach.

Write to Deepa Seetharaman at Deepa.Seetharaman@wsj.com

https://www.wsj.com/articles/instagram-says-hack-that-targeted-celebrities-was-wider-than-previously-thought-1504309242

Norway tightens IT security, vote count procedures in run-up to election

September 1, 2017

Reuters

OSLO (Reuters) – Norway is tightening security procedures ahead of parliamentary elections on Sept. 11 to prevent possible vote tampering, the government said on Friday.

The security of IT systems will be enhanced, and all votes must be counted manually at least once in addition to the customary scanning of ballot papers by computers, it added.

There are no indications that anyone is trying to improperly influence the outcome of the election, the government also said.

Reporting by Terje Solsvik; editing by John Stonestreet

The U.S. Navy is staffed by humans

August 26, 2017

By Ravi Velloor
The Straits Times

Four days after the USS John S. McCain suffered major damage in a collision while on approach to Singapore, questions swirl about the manner of the accident, and its reasons.

That it should have come so soon after a sister vessel the USS Fitzgerald suffered a similar accident while leaving a Japanese port, has raised a bunch of troubling questions.

As they say, the first time may be an accident and the second coincidence, but three becomes a pattern.

In the US Navy’s case – or more specifically, the 7th Fleet’s case – there have been not three, but four costly mishaps just this year.

Two other ships currently deployed to the Asia-Pacific, the USS Antietam that ran aground in Tokyo Bay and the USS Lake Champlain that struck a South Korean fishing boat, suffered damage this year.

That certainly makes for a pattern. With a US warship calling in Singapore every three days or so, there is every reason for the Republic to take more than a little interest in what’s going on.

Naturally, conspiracy theories abound.

One line of thinking is that hackers may have corrupted the massive computer systems of the John S. McCain and perhaps, other vessels.

In the case of the John S. McCain, that does not seem the case. Admiral Scott Swift, commander of the Pacific fleet, seems to have ruled out a cyber attack in near categorical terms.

Adm Swift should know, of course, but George Kurtz, former head of technology at MacAfee who now owns CrowdStrike, one of the world’s top cyber security companies, had a more nuanced view.

Image may contain: outdoor

USS John S. McCain sustained damage to her port side, which is the left side of the vessel facing forward. Photo was taken off Changi Naval Base on Aug 21, 2017. ST PHOTO: ​DESMOND FOO

 

While declining to speculate, he told me that any assessment of an incident of this nature would necessarily have to be placed in a geo-political context.

In the John S. McCain’s case, it had just completed a Freedom of Navigation Operation, or FONOP, in the South China Sea where it was repeatedly warned by Chinese vessels.

The current chatter in cyber security circles, he said, is that while the McCain’s computers may not have been compromised, it is probably worth examining if anyone could have tinkered with the GPS system to send her, or the other vessel, off course by a few hundred metres.

It is an interesting theory and not the first time it has come up for mention.

In the James Bond movie Tomorrow Never Dies, Pierce Brosnan is sent off by MI-6 on precisely such a mission: to block a power-mad media tycoon’s attempt to start the next world war by engineering an incident at sea. In that instance, a British man of war is diverted into the hands of what appears to be Chinese military, sparking fury in Whitehall.

While nothing can be ruled out these days, the likely explanation could be more mundane and hark back to the essence of the craft – the quality of seamanship.

All major navies of the world do suffer accidents. It is estimated that since World War II, the major navies would have together recorded at least 1,400 mishaps.

Closer home, in early 2014, the Indian Navy chief, Admiral DK Joshi, quit after a series of accidents involving his force. The costliest of those mishaps was the loss of a docked Kilo class submarine that sank after an explosion on board while loading missiles for a mission.

At the time, poor observance of protocols was cited as the reason. The larger pattern was one of falling standards, poor equipment, and inadequate training.

But the United States is considered the gold standard of the navy game. It has the best technology, whether for the turbines that provide the power below deck, or in the missiles and radars stacked above. Its warships are designed for far greater crew comfort, than, say, a comparable Russian craft. And it is the rare naval officer in the world who has not read up on the life and times of Admiral Hyman Rickover, father of the US nuclear navy, or wished to be like him.

Yet, the US Navy too is staffed by humans. And there is little doubt that its personnel have been under strain and its resources stretched.

The US Congress was recently informed that about 100 ships have been deployed every day since 2001, the year the US suffered the 9/11 attacks. Since its current strength is 277 vessels that makes for a massive utilisation ratio. This, naturally, tells on maintenance, crew rest and training.

While President Donald Trump has said he wants to take the navy to 350 ships, that is a long way away.

In the immediate future, the pressure on its resources will only grow since many ships are due to have completed their normal use cycle and come due for retirement, or scrapping.

http://www.straitstimes.com/opinion/us-navy-mishap-james-bond-or-poor-seamanship

Related:

.
.
.

UK hacker who halted ‘WannaCry’ cyber attack pleads not guilty in US court

August 14, 2017

AFP and the Associated Press

© Joshua Lott, AFP | Marcus Hutchins (R) the British cyber security expert accused of creating malware that steals banking passwords, arrives at a US Federal Courthouse in Milwaukee on August 14.

Text by NEWS WIRES

Latest update : 2017-08-14

A British cybersecurity researcher credited with helping curb a recent worldwide ransomware attack pleaded not guilty Monday to federal charges accusing him of creating malicious software to steal banking information three years ago.

Marcus Hutchins entered his plea in Wisconsin federal court, where prosecutors charged him and an unnamed co-defendant with conspiring to commit computer fraud in the state and elsewhere. Authorities arrested the 23-year-old man on Aug. 2 at McCarran International Airport in Las Vegas, where he was going to board a flight to his home in Ilfracombe, England. He had been in Las Vegas for a cybersecurity convention.

Hutchins is free on $30,000 bail, but with strict conditions. His bond has been modified so that he can stay in Los Angeles near his attorney and travel anywhere in the U.S., but Hutchins is not allowed to leave the country. He is currently staying at a hotel in Milwaukee.

He was also granted access to use a computer for work, a change from an earlier judge’s order barring him from using any device with access to the internet. Hutchins’ current work wasn’t detailed at Monday’s hearing. The next hearing in the case was set for Oct. 17.

Hutchins’ attorney, Adrian Lobo, hasn’t responded to several phone messages left by The Associated Press over the last week.

>> Read more: How vulnerable are we to cyberattacks?

The legal troubles Hutchins faces are a dramatic turnaround from the status of cybercrime-fighting hero he enjoyed four months ago when he found a “kill switch” to slow the outbreak of the WannaCry virus. It crippled computers worldwide, encrypting files and making them inaccessible unless people paid a ransom ranging from $300 to $600.

Prosecutors allege that before Hutchins won acclaim he created and distributed a malicious software called Kronos to steal banking passwords from unsuspecting computer users. In addition to computer fraud, the indictment lists five other charges, including attempting to intercept electronic communications and trying to access a computer without authorization.

UK HEALTH CARE HIT BY CYBER ATTACK: ‘THIS IS VERY SERIOUS’

The indictment says the crimes happened between July 2014 and July 2015, but the court document doesn’t offer any details about the number of victims. Prosecutors have not said why the case was filed in Wisconsin. The name of Hutchins’ co-defendant is redacted from the indictment.

Hutchins faces decades in prison if convicted on all the charges.

(AP)

Indonesia, Russia to work together to fight terrorism

August 9, 2017

AFP

© AFP | Russian Foreign Minister Sergei Lavrov talks with his Indonesian counterpart Retno Marsudi

JAKARTA (AFP) – Indonesia and Russia pledged Wednesday to strengthen cooperation in cyber-security and counter-terrorism as concern grows about the spread of radicalism in Southeast Asia.

Russian Foreign Minister Sergei Lavrov, who is on a two-day visit to Indonesia, said the two countries would work together more closely to counter the spread of Islamic State (IS) ideology.

“The threat that the ISIL is has not vanished. Its members have been spreading all over the world, including areas close to the Russian and Indonesian borders,” Lavrov said, using another acronym for the group.

Hundreds of radicals from Indonesia have flocked abroad to fight with IS, and the country has seen a surge in plots and attacks linked to the jihadists over the past year.

Indonesian officials have also said dozens of Indonesians have travelled to the southern Philippine city of Marawi to fight with militants loyal to IS.

The militants seized parts of the city over two months ago and have resisted all attempts by the Philippine army to evict them.

“We have agreed that our special services will pay particular attention to increasing coordination in our joint efforts to fight this scourge,” Lavrov said.

Indonesian Foreign Minister Retno Marsudi said the two countries had strong ties on political and defence issues, and Indonesia wanted to deepen trade ties.

The ministers also discussed tensions on the Korean peninsula, the South China Sea and conflict in the Middle East, but gave no details.

HBO Cyberattack Is ‘Seven Times Worse’ Than The Sony Hack — Video and sound files — 1.5 terabytes of data

August 3, 2017
 No automatic alt text available.

The latest HBO hacking scandal is shaping up to be much, much worse than a few leaked Game of Thrones episodes.

Now the FBI is getting involved, according to the latest update from the Hollywood Reporter. The cyberattack that occurred earlier this week compromised around 1.5 terabytes of data, which, it turns out, is seven times the amount of data that was leaked during the 2014 Sony hack (around 200 gigabytes of data).

Image result for news for bigger than sony pictures

What makes this hack even more frightening is that, according to multiple sources, there has been no ransom declared. That means the hackers’ motivation may have less to do with money and more to do with a political agenda, harnessing the power to release potentially compromising data (including internal memos and email correspondence) for HBO and its investors.

As of now, the only data that’s been released by the hacker group—going by the Game of Thrones-referencing alias “little.finger66″—is the script of an upcoming episode of the aforementioned television show, along with full episodes of Ballers and Room 104. But that hardly amounts to the 1.5 terabytes that could theoretically be unleashed.

“If not for video and sound, a corporation the size of HBO might fit [entirely] in a terabyte, including all the email and spreadsheets ever written or stored,” Farsight Security CEO Paul Vixie told the Hollywood Reporter. Video and sound files, meanwhile, take up much more space on their own, It’s still unclear whether the hackers took mostly video content (episodes of Game of Thrones and other popular HBO series) or printed content (documents, emails, etc.); FBI officials working with HBO have declined to elaborate. But their possession of a script hints that they have access to text-based files, which could be far more damaging to HBO’s internal operations than a few episode leaks. (Game of Thrones already has a huge pirating problem.)

Another widely-reported hacking incident occurred earlier this summer, when a collective known as TheDarkOverlord released all 10 episodes of the new Orange Is the New Black season before its official June release on Netflix. But in that case, it was only the television episodes, not internal documents, that were stolen, and there was a ransom involved. The HBO hack much more closely resembles the Sony security breach, which led to Sony co-chairman Amy Pascal stepping down from her position and may have even affected the 2016 election.

For the moment, all HBO can do is continue their investigation, and hope that little.finger66 doesn’t plan on releasing information far more damning than the upcoming deaths in Westeros.

http://www.newsweek.com/hbo-cyberattack-sony-hack-leak-game-thrones-645450

See also:

http://www.hollywoodreporter.com/news/hbo-hack-insiders-fear-leaked-emails-as-probe-widens-1025827

Trump Backtracks on U.S.-Russia Cyber Unit, Says It Cannot Happen

July 10, 2017

WASHINGTON — U.S. President Donald Trump on Sunday backtracked on his push for a cyber security unit with Russia, tweeting that he did not think it could happen, only hours after promoting it following his talks with Russian President Vladimir Putin.

“The fact that President Putin and I discussed a Cyber Security unit doesn’t mean I think it can happen. It can’t,” Trump said on Twitter. He then noted that an agreement with Russia for a ceasefire in Syria “can & did” happen.

(Reporting by Phil Stewart; Editing by Peter Cooney)

US, Israel set up team to combat cybersecurity threat

June 29, 2017

 June 26, 2017, 4:18 pm
The world needs Iron Dome ingenuity as threats move from missiles to malware, US official Thomas Bossert says at Tel Aviv conference
Thomas Bossert, assistant to the US President Donald Trump for Homeland Security and Counter-terrorism, speaks in Tel Aviv, June 26, 2017. (Courtesy)

Thomas Bossert, assistant to the US President Donald Trump for Homeland Security and Counter-terrorism, speaks in Tel Aviv, June 26, 2017. (Courtesy)

Israel and the US are set to collaborate in cybersecurity, a senior White House official said at a conference in Tel Aviv Monday.

“I announce today the commencement of an Israeli US bilateral cyber working group,” Thomas Bossert, assistant to the US President Donald Trump for Homeland Security and Counter-terrorism said at the Cyber Week 2017 conference in Tel Aviv Monday.

No automatic alt text available.

The group will strive to defend critical infrastructure against attackers and to track down perpetrators. It will be led by Rob Joyce, the US White House cybersecurity coordinator, and Israel’s Eviatar Matania, director general of the National Cyber Directorate. It will include US and Israeli representatives from various ministries and defense organizations including foreign affairs and justice, and the secret service.

The team will convene this week, Bossert said.

“The meetings this week will focus on a range of cyber issues — critical infrastructure, advanced R&D, international cooperation, and workforce,” Bossert said, adding that these will be the first steps in strengthening bilateral ties in cyber issues.

Prime Minister Benjamin Netanyahu speaks at Cyber Week in Tel Aviv, June 26, 2017. (Courtesy/Chen Galili)

Prime Minister Benjamin Netanyahu speaks at Cyber Week in Tel Aviv, June 26, 2017. (Courtesy/Chen Galili)

The agencies will be… “focused on finding and stopping cyber adversaries before they enter networks, before they reach critical infrastructure and identifying ways to hold bad actors accountable,” Bossert said. “We believe the agility Israel has in developing solutions will resolve in innovative cyber defenses that we can test here and take back to America.”

Bossert said that increased cyber defense and deterrence are critical today, in a world in which the cyber threat from nations is growing, and an international consensus needs to be built regarding what is “responsible state behavior.” International norms must be set out and implemented, he said. And those who do not comply with these norms should be punished.

“It is time to consider different approaches,” he said, and the US is seeking to set up bilateral agreements with other partners globally who hold the same values. “There should be consequences for destruction,” he said.

The cyber sphere “is one of the biggest strategic challenges since 9/11,” he said, “because while physical borders are important, cyberspace knows no boundaries.”

“Nations have the ability to steal sensitive information and data and destroy systems and the trend is heading in the wrong direction,” Bossert said. Destructive attacks are being executed by belligerent nations – North Korea attacked Sony and Iran attacked Saudi Arabia in cyber attacks – and “neither of theses countries have near the sophistication and resources of China and Russia.”

It was the kind of technology evident in the Iron Dome missile defense system, Bossert said, that the world needs as the threat moves from missiles to malware.

Bossert said he was at the conference to talk about cybersecurity, but he was also there to say that “President Trump understands that the United States cannot lessen our engagement in this region… and cannot lessen our support for Israel.”

When Prime Minister Benjamin Netanyahu voiced his objection to “appeasing Iran” and enabling its nuclear aspirations, he did so at “great professional risk and took political criticism for stating an unpopular truth,” Bossert said. “He was right, he was courageous, the American people agree with him and now he is a partner with President Trump and the Israeli people have a stronger and deeper relationship with the US.”

A Tamir missile fired from an Iron Dome missile defense battery during a trial in the United States in April 2016. (Rafael Advanced Defense Systems)

A Tamir missile fired from an Iron Dome missile defense battery during a trial in the United States in April 2016. (Rafael Advanced Defense Systems)

At the conference, Prime Minister Benjamin Netanyahu said that Israeli technology and its cybersecurity leadership are opening doors to the world, breaking down hostilities and the Arab boycott.

“Once it was a disadvantage to say you are from Israel,” Netanyahu said. “Today when you talk about cyber or advanced technologies, it is an advantage. It is advantage to say I am an Israeli company.”

“There used to be a thing called the Arab boycott; that’s dissipating, for many, many reasons: strategic, and the prominence of Israel in the technological field,” he said.

Israel’s National Cyber Defense Authortity helps its members, who are from government and business organizations, to communicate in a secure way with each other to “not only to respond to attacks but to prevent them,” he said.

Every month Israel experiences dozens of cyber attacks at a national level, and at “every given moment, including right now, there are probably three to five attacks on a national level that emanate from various sources,” he said.

Cooperation between nations is important, Netanyahu said, “because we are better together,” and Israel has become an “attractive target” for cybersecurity investment, garnering about 20 percent of global private cybersecurity investment in 2016.

http://www.timesofisrael.com/us-israel-set-up-team-to-combat-cybersecurity-threat/

Related:

New computer virus spreads from Ukraine to disrupt world business

June 28, 2017

Reuters

By Eric Auchard, Jack Stubbs and Alessandra Prentice | FRANKFURT/MOSCOW/KIEV
.

A cyber attack wreaked havoc around the globe on Wednesday, crippling thousands of computers, disrupting operations at ports from Mumbai to Los Angeles and halting production at a chocolate factory in Australia.

The virus is believed to have first taken hold on Tuesday in Ukraine where it silently infected computers after users downloaded a popular tax accounting package or visited a local news site, national police and international cyber experts said.

The malicious code locked machines and demanded victims post a ransom worth $300 in bitcoins or lose their data entirely, similar to the extortion tactic used in the global WannaCry ransomware attack in May.

More than 30 victims paid up but security experts are questioning whether extortion was the goal, given the relatively small sum demanded, or whether the hackers were driven by destructive motives rather than financial gain.

Hackers asked victims to notify them by email when ransoms had been paid but German email provider Posteo quickly shut down the address, a German government cyber security official said.

Ukraine, the epicenter of the cyber strike, has repeatedly accused Russia of orchestrating attacks on its computer systems and critical power infrastructure since its powerful neighbor annexed the Black Sea peninsula of Crimea in 2014.

The Kremlin, which has consistently rejected the accusations, said on Wednesday it had no information about the origin of the global cyber attack, which also struck Russian companies such as oil giant Rosneft (ROSN.MM) and a steelmaker.

“No one can effectively combat cyber threats on their own, and, unfortunately, unfounded blanket accusations will not solve this problem,” said Kremlin spokesman Dmitry Peskov.

ESET, a Slovakian company that sells products to shield computers from viruses, said 80 percent of the infections detected among its global customer base were in Ukraine, with Italy second hardest hit with about 10 percent.

The aim of the latest attack appeared to be disruption rather than ransom, said Brian Lord, former deputy director of intelligence and cyber operations at Britain’s GCHQ and now managing director at private security firm PGI Cyber.

“My sense is this starts to look like a state operating through a proxy … as a kind of experiment to see what happens,” Lord told Reuters on Wednesday.

Customers queue in ‘Rost’ supermarket in Kharkiv, Ukraine June 27, 2017 in this picture obtained from social media. MIKHAIL GOLUB via REUTERS

ETERNAL BLUE

While the malware seemed to be a variant of past campaigns, derived from code known as Eternal Blue believed to have been developed by the U.S. National Security Agency (NSA), experts said it was not as virulent as May’s WannaCry attack.

Security researchers said Tuesday’s virus could leap from computer to computer once unleashed within an organization but, unlike WannaCry, it could not randomly trawl the internet for its next victims, limiting its scope to infect.

Bushiness that installed Microsoft’s (MSFT.O) latest security patches from earlier this year and turned off Windows file-sharing features appeared to be largely unaffected.

There was speculation, however, among some experts that once the new virus had infected one computer it could spread to other machines on the same network, even if those devices had received a security update.

After WannaCry, governments, security firms and industrial groups advised businesses and consumers to make sure all their computers were updated with Microsoft (MSFT.O) security patches.

Austria’s government-backed Computer Emergency Response Team (CERT) said “a small number” of international firms appeared to be affected, with tens of thousands of computers taken down.

Security firms including Microsoft, Cisco’s (CSCO.O) Talos and Symantec (SYMC.O) said they had confirmed some of the initial infections occurred when malware was transmitted to users of a Ukrainian tax software program called MEDoc.

The supplier of the software, M.E.Doc denied in a post on Facebook that its software was to blame, though Microsoft reiterated its suspicions afterwards.

“Microsoft now has evidence that a few active infections of the ransomware initially started from the legitimate MEDoc updater process,” it said in a technical blog post.

Russian security firm Kaspersky said a Ukrainian news site for the city of Bakhumut was also hacked and used to distribute the ransomware to visitors, encrypting data on their machines.

CORPORATE CHAOS

A number of the international firms hit have operations in Ukraine, and the virus is believed to have spread within global corporate networks after gaining traction within the country.

Shipping giant A.P. Moller-Maersk (MAERSKb.CO), which handles one in seven containers shipped worldwide, has a logistics unit in Ukraine.

Other large firms affected, such as French construction materials company Saint Gobain (SGOB.PA) and Mondelez International Inc (MDLZ.O), which owns chocolate brand Cadbury, also have operations in the country.

Maersk was one of the first global firms to be taken down by the cyber attack and its operations at major ports such as Mumbai in India, Rotterdam in the Netherlands and Los Angeles on the U.S. west coast were disrupted.

The company said on Wednesday it was unable to process new orders and its 76 terminals around the world were becoming increasingly congested.

Other companies to succumb included BNP Paribas Real Estate (BNPP.PA), a part of the French bank that provides property and investment management services.

“The international cyber attack hit our non-bank subsidiary, Real Estate. The necessary measures have been taken to rapidly contain the attack,” the bank said on Wednesday.

Production at the Cadbury factory on the Australian island state of Tasmania ground to a halt late on Tuesday after computer systems went down.

Russia’s Rosneft, one of the world’s biggest crude producers by volume, said on Tuesday its systems had suffered “serious consequences” but oil production had not been affected because it switched to backup systems.

(Additional reporting by Helen Reid in London, Teis Jensen in Copenhagen, Maya Nikolaeva in Paris, Shadia Naralla in Vienna, Marcin Goettig in Warsaw, Byron Kaye in Sydney, John O’Donnell in Frankfurt, Ari Rabinovitch in Tel Aviv and Noor Zainab Hussain in Bangalore; Editing by David Clarke)

Related:

.

.
*********************************************
.
Chocolate Factory Becomes Australia’s First Victim of Latest Cyber Attack

SYDNEY — A Cadbury chocolate factory has become the first Australian business to be hit by a global cyber attack, a trade union official said, underscoring the rapid spread of the latest ransomware extortion campaign.

The attack has already disrupted computers at Russia’s biggest oil company, Ukrainian banks and multinational firms with a virus similar to the ransomware that infected more than 300,000 computers last month.

Production at the Cadbury factory on the island state of Tasmania ground to a halt late on Tuesday after computer systems went down, said Australian Manufacturing and Workers Union state secretary John Short.

Factory workers “weren’t sure what it was but, as the night’s gone on, they’ve realised there’s been some significant attacks around the world”, Short told Reuters.

Cadbury owner Mondelez International Inc said in a statement released overnight staff in various regions were experiencing technical problems but it was unclear whether this was due to a cyberattack.

A Mondelez spokeswoman in Australia had no immediate comment.

The Cadbury factory, which employs about 500 people, makes about 50,000 tonnes of chocolate a year, mostly for sale in Australia. Production remained frozen on Wednesday morning and it was unclear when it would resume, Short said.

Image result for Cadbury factory, australia, photos

Australian staff of global law firm DLA Piper Ltd were quoted telling domestic media they were shut out of their computer systems because of the attack. DLA Piper said in a statement it was hit by a suspected malware attack and that it was “taking steps to remedy the issue”.

Australian Cyber Security Minister Dan Tehan said the attack, a month after the similar WannaCry attack, was “a wake-up call to all Australian businesses to regularly back up their data and install the latest security patches”.

The latest ransomware virus, named “Petya”, has crippled computers running Microsoft Corp’s Windows by encrypting hard drives and overwriting files, then demanding $300 (234 pounds) in bitcoin to restore access.

It includes code known as “Eternal Blue”, which cyber security experts widely believe was stolen from the U.S. National Security Agency and was also used in the WannaCry attack.

Mike Sentonas, regional vice president of U.S. cybersecurity company CrowdStrike Inc, said it was unclear how many Australian computers were affected by the latest attack but “what is different about this ransomware is its ability to spread, even if a computer has been patched”.

(Reporting by Byron Kaye; Editing by Paul Tait)