Ransomware 'Nyetya' behind new global cyber attack: Cisco


Las Vegas, Jun 28 (IANS): The computer virus that is affecting companies and institutions around the world is a new variant of ransomware called Nyetya -- WannaCry's bad cousin -- according to networking and security major Cisco.

The new cyber attack started massively affecting dozens of companies and institutions in the world, beginning with Russia and Ukraine on Tuesday, and now spreading to Asia and Australia on Wednesday.

Cisco's Talos cyber security division reported that its research shows that this strain of computer virus "uses the same Eternal Blue exploit - a vulnerability used by the US National Security Agency (NSA) - and other weaknesses of Microsoft's operating system to spread", Efe news reported.

Nyetya is also very similar to WannaCry, the ransomware that affected 200,000 people in 150 countries in May, encrypting data on infected computers and asking for a ransom to recover them, said Talos cybersecurity executive Craig Williams.

However, in the case of the virus emerging on Tuesday, which is quite "different" from the Petya virus, its infection "will spread very quickly if the 'bad guys' behind it decide to do so," Williams said.

On Wednesday several companies in the Asia Pacific region, like the Mondelez owned Cadbury chocolate factory in Hobart, Tasmania, and the global law firm DLA Piper were affected.

The Hong Kong website of DLA Piper published an important note to clients saying "We are currently dealing with a serious global cyber incident" adding that "we have taken down our systems as a precautionary measure which will mean you are currently unable to contact us by email or landline."

According to Cisco, Nyetya is "WannaCry's bad cousin" and "initial vector identification has shown that the virus is more defiant."

Williams ruled out that "an e-mail vector" was the initial propagation factor.

Some of the affected companies and institutions have claimed that the virus has disabled their e-mails and, therefore, prevented them from contacting the cybercriminals to recover their information after their computers were disconnected.

The threat does not have "a known, viable external spreading mechanism - such as the Internet," so "it is possible that some infections may be associated with software update systems for a Ukrainian tax accounting package called MeDoc", according to Williams.

  

Top Stories


Leave a Comment

Title: Ransomware 'Nyetya' behind new global cyber attack: Cisco



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.