ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailPositive ArrowIcon PrintIcon Twitter
International relations

India, France report damage in global cyberattack

Malware strain more sophisticated than WannaCry is also worryingly easy to copy

 (placeholder image)
An out-of-order payment terminal at a bank in Ukraine.   © Reuters

WASHINGTON/MOSCOW -- The cyberattack that surfaced in Ukraine and elsewhere Tuesday has now spread to France and India, and its origins in publicly available tools has stoked fears that further strikes may follow.

Russia's central bank said Tuesday that several banks' systems had suffered a cyberattack, according to the Interfax news agency. The Russian consumer lending unit of Czech group Home Credit froze some customer services, while state-run oil major Rosneft found trouble in its payment systems. A major travel site's booking system also suffered damage.

One researcher from Russia-based internet security firm Kaspersky Lab has said 60% of the victims were in Ukraine, and 30% in Russia. But the damage is still spreading. Near Mumbai in western India, reports emerged Tuesday evening that operations were disrupted for some facilities at the Jawaharlal Nehru Port -- one of the largest container ports in the country. Reuters reported Wednesday that a real estate arm of French bank BNP Paribas was also struck.

A new strain

The malware used in the attack appears to be based on a strain of ransomware discovered last year, known as Petya. The basic blueprints of the Petya virus were published online in April, report U.S. media, making it far easier to be used for an attack.

The new malware encrypts users' data, rendering it unusable, and demands a $300 ransom for the encryption key, much like the WannaCry program used in last month's attack. This strain, however, appears to bypass anti-malware protections more nimbly.

WannaCry had a "kill switch" that a U.K. researcher discovered and used to stop the attack's spread. This time, no such safeguard has been found. Microsoft released a free security patch to defend against WannaCry, but even some patched computers have been affected by the new malware strike.

An elusive problem

The perpetrators are unclear. Some theorize hackers seeking money are behind the attack, while others speculate political aims.

The severity of the impact in Ukraine suggests that Russia could have had a hand in the attack, given the two countries' friction over the annexation of the Crimean peninsula, according to a network monitoring official at the Japan arm of U.S. web security company Symantec. Others surmise that the North Korea-linked hacker group Lazarus, suspected in last month's attack, may be to blame again.

Symantec reports that 463,000 ransomware attacks were detected in 2016, up 36% on the year. In many cases, attackers seek payment in the virtual currency bitcoin, which is difficult for investigators to trace. One information technology company purportedly ponied up $1 million in such an attack. The rampant growth of cyber strikes that require no complex preparations looks to make it harder for authorities to identify culprits and stave off attacks.

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Try 1 month for $0.99

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends January 31st

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to Nikkei Asia has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media

Nikkei Asian Review, now known as Nikkei Asia, will be the voice of the Asian Century.

Celebrate our next chapter
Free access for everyone - Sep. 30

Find out more