Companies Struggle to Restore Operations after Crippling Cyber Attack

The virus known as NotPetya has crippled operations at companies around the world, including major shipping operator A.P. Moeller-Maersk. The virus has been especially troublesome in Ukraine, but has hit major corporations in many countries. Nick Kostov and Costas Paris report: 

Companies that reported disruptions included U.S. pharmaceuticals firm Merck & Co., British advertising giant WPP Group PLC and Russian oil producer PAO Rosneft. Rosneft said on Twitter Wednesday that the virus hadn’t affected production, but added that “it is premature to evaluate the cyber attack impact.”

Mondelez International Inc. confirmed Wednesday that it was also a victim, a day after it said it was investigating an outage of its global IT network. A spokesman said the cause was determined to be a virus, which had been isolated, though the company’s systems remain down. The maker of Oreo cookies and Trident gum is working with outside specialists and global security agencies, aiming to minimize any impact on deliveries of its food to retailers.

In Ukraine, the country that appeared most affected by the attack, the government said it had halted the spread of the virus and that key government and business systems were stable. But others were still struggling Wednesday to restore critical operations. One of those most severely affected: Maersk, a key cog in the world’s global supply chain.

Maersk said early Wednesday that widespread computer outages at its APM Terminals subsidiary were preventing it from taking new bookings or offering quotes at affected terminals. Later in the day, the company said it was accepting cargo bookings through a third-party platform for existing accounts, though booking confirmations would take longer than usual. “We are still working on resuming normal operation,” the company said on Twitter.

Ports in the U.S., Europe and India reported some Maersk-run container terminals weren’t taking ships. Whether those APM port closures ricochet more broadly will depend on how quickly Maersk restores systems, shipping experts said.

At Forbes, Thomas Fox-Brewster explains how to protect yourself from NotPetya:

One way of preventing a PC getting infected is by tricking the malware into thinking it’s already on the computer. This can be done by heading to the Windows directory folder (C:Windows) and creating a file named perfc (it’ll end up looking something like this: %WINDIR%perfc. Set that to “read only” permissions, says Hacker House CEO Matthew Hickey. This protects PCs because when the malware first runs, it searches for that filename in that folder and if it’s found, it’ll kill itself, noted Cybereason, one of two cybersecurity firms along with Positive Technologies to find the “vaccine.”

Second, Hickey recommends that concerned users check whether their computer is already infected, a and if so, if the ransomware is not yet running. To do this, look for two “rundll32.exe” files running in the Windows Task Manager. If they’re present, power off the PC and do not turn it back on again. If it is turned back on, the ransomware will then run, encrypt the files and demand $300 in Bitcoin for payment (don’t pay: the hackers’ email account used to handle payment and provide encryption keys has been closed).

Reinstalling Windows will then remove NotPetya. With luck, you’ve got backups to return files to the PC, whether on a device or in the cloud. If not, it’s possible to retrieve unencrypted data by downloading a free operating system like Kali Linux and using it to access the PC hard drive before re-installing Windows, Hickey noted.

Finally, employ some sensible digital hygiene. In particular, make sure you’re running the latest version of whatever Windows system you’re running, as this will patch the flaws that both the NotPetya and WannaCry ransomware exploited (i.e. the vulnerabilities leaked by Shadow Brokers, who claimed the bugs were originally used by the NSA). Ensure Windows firewall is turned on, check antivirus is up-to-date and that all third-party software has been patched too.

Read more here.

 

Portfolio SizeUp to $500,000 $500,000 to $1 million $1 million to $2 million $2 million to $5 million $5 million and above

Petya Or NotPetya: This Ransomware Attack Is Much Worse Than Wannacry

The following two tabs change content below.

• Bio
• Latest Posts

E.J. Smith

Editor-in-Chief

E.J. Smith is Founder of YourSurvivalGuy.com, Managing Director at Richard C. Young & Co., Ltd., a Managing Editor of Richardcyoung.com, and Editor-in-Chief of Youngresearch.com. E.J. graduated from Babson College in Wellesley, Massachusetts, with a B.S. in finance and investments. In 1995, E.J. began his investment career at Fidelity Investments in Boston before joining Richard C. Young & Co., Ltd. in 1998. E.J. has trained at Sig Sauer Academy in Epping, NH. His first drum set was a 5-piece Slingerland with Zilldjians. He grew-up worshiping Neil Peart of the band Rush, and loves the song Tom Sawyer—the name of his family’s boat, a Grady-White Canyon 306. He grew up in Mattapoisett, MA, an idyllic small town on the water near Cape Cod. He spends time in Newport, RI and Bartlett, NH—both as far away from Wall Street as one could mentally get. The Newport office is on a quiet, tree lined street not far from the harbor and the log cabin in Bartlett, NH, the “Live Free or Die” state, sits on the edge of the White Mountain National Forest. He enjoys spending time in Key West and Paris. Please get in touch with E.J. at ejsmith@youngresearch.com.

Latest posts by E.J. Smith (see all)

• The Trouble with this Bond Fund - August 21, 2017
• How an Introvert and DARPA Revolutionized Autonomous Vehicles - August 18, 2017
• Are State-Run Savings Plans a Good Idea? - August 17, 2017