A ransomware attack hit computers across the world on Tuesday, taking out servers at Russia’s biggest oil company, disrupting operations at Ukrainian banks, and shutting down computers at multinational shipping and advertising firms.
Cyber security experts said those behind the attack appeared to have exploited the same type of hacking tool used in the WannaCry ransomware attack that infected hundreds of thousands of computers in May before a British researcher created a kill-switch.
The first reports of organisations being hit emerged from Russia and Ukraine, but the impact quickly spread westwards to computers in Romania, the Netherlands, Norway, and Britain.
Within hours, the attack had gone global.
Danish shipping giant A.P. Moller-Maersk, which handles one out of seven containers shipped globally, said the attack had caused outages at its computer systems across the world on Tuesday, including at its terminal in Los Angeles.
Pharmaceutical company Merck & Co said its computer network had been affected by the global hack.
A Swiss government agency also reported computer systems were affected in India, though the country’s cyber security agency said it had yet to receive any reports of attacks.
Cyber security firms scrambled to understand the scope and impact of the attacks, seeking to confirm suspicions hackers had leveraged the same type of hacking tool exploited by WannaCry, and to identify ways to stop the onslaught.
Last’s month’s fast-spreading WannaCry ransomware attack was crippled after a 22-year-old British security researcher Marcus Hutchins created a so-called kill-switch that experts hailed as the decisive step in slowing the attack.
Ukraine was particularly badly hit, with Prime Minister Volodymyr Groysman describing the attacks on his country as “unprecedented”.