Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Ukraine cyber attack: Chaos as national bank, state power provider and airport hit by hackers

Russian energy firms and Danish shipping company also hit by hackers

Lizzie Dearden
Tuesday 27 June 2017 14:04 BST
Comments
'Petya' cyber attack hits firms across the world

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Ukraine’s national bank, state power company and largest airport are among the targets of a huge cyber attack on government infrastructure.

Rozenko Pavlo, the deputy Prime Minister, said he and other members of the Ukrainian government were unable to access their computers.

“We also have a network 'down',” he wrote. “This image is being displayed by all computers of the government.”

The photo showed his PC displaying a message claiming a disk “contains errors and needs to be prepared”, urging the user not to turn it off.

Images from other affected computers and disabled cash points showed what appeared to be ransomware, demanding a payment of $300 (£235) in Bitcoin to re-gain access to encrypted files.

Analysts said the virus, named Petrwrap or Petya, appeared to work similarly to the WannaCry ransomware that infected more than 230,000 computers in 150 countries last month.

Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with power distributor Ukrenergo, which said the attack did not affect power supplies.

The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected along with financial firms.

“As a result of cyber attacks, these banks have difficulties with customer service and banking operations,” a statement said.

Cyber attack hit 200,000 victims across 150 countries, says Europol chief

“The National Bank bank is confident that the banking infrastructure's defence against cyber fraud is properly set up and attempted cyber attacks on banks' IT systems will be neutralised.”

Oschadbank, one of Ukraine's largest state-owned lenders, said some of its services had been affected by a “hacking attack” but guaranteed that customer data was safe.

Computers and departure boards at Boryspil International Airport in Kiev – the largest in Ukraine – were also down.

“The official site of the airport and the scoreboard with the schedule of flights aren't working!” the airport’s acting director, Pavel Ryabikin, wrote on Facebook.

Meanwhile, the hack caused authorities in the Chernobyl exclusion zone to switch to manual radiation monitoring at the site of the 1986 nuclear disaster.

The Ukrposhta state postal service, television stations and transport were also affected by the attack, which left Kiev metro passengers unable to pay using bank cards.

The website of Boryspil International Airport during a cyber attack targeting Ukrainian infrastructure on 27 June 2017
The website of Boryspil International Airport during a cyber attack targeting Ukrainian infrastructure on 27 June 2017

Many ATMs were disabled, displaying the message left by hackers, as were tills in supermarkets.

Maersk said its IT systems were down across “multiple sites and businesses due to a cyber attack”, although it was unclear whether it was related to the situation in Ukraine.

The Danish business congolmerate is the largest container shipping company in the world and also operates in the oil and gas sectors.

Rosneft, a Russian government-owned oil firm, said it was also targeted by a “massive hacker attack” on its servers, as was steel maker Evraz.

“The cyber attack could lead to serious consequences, however, due to the fact that the Company has switched to a reserve control system, neither oil production nor preparation processes were stopped,” a statement from Rosneft said.

There were confirmed reports of the virus spreading to countries including Spain, France and India.

The cyber attack – a day before Ukraine marks its Constitution Day - struck hours after a high-ranking intelligence officer was assassinated in a car bombing in Kiev.

Police said Colonel Maksim Shapoval, a member of the defence ministry’s main intelligence directorate, was killed in the “terrorist act” on Tuesday.

Ukraine has blamed Russia for repeated cyber attacks targeting crucial infrastructure during the past three years, including one on its power grid that left part of western Ukraine temporarily without electricity in December 2015.

Relations between Kiev and the Kremlin collapsed in 2014 following Moscow's annexation of Crimea and support for pro-Russian separatists in eastern Ukraine, where fighting continues despite a ceasefire agreement.

Russia denies carrying out cyber attacks on Ukraine and allegations it has fuelled the eastern conflict by supplying rebels with troops and weapons.

The UK’s Houses of Parliament were targeted in a separate attack on Friday that compromised up to 90 accounts as part of efforts to access the accounts of MPs, peers and their staff by searching for weak passwords.

Less than 1% of the system's 9,000 users were directly impacted by the “determined and sustained” attack, officials said, but some functions were temporarily shut down as a precaution.

An increasing number of global cyber attacks, including those targeting the election campaigns of Hillary Clinton and Emmanuel Macron, have sparked warnings of a “permanent war” online.

Guillaume Poupard, director general of the National Cybersecurity Agency of France (ANSSI) said intensifying attacks were coming from unspecified states, as well as criminal and extremist groups.

“We must work collectively, not just with two or three Western countries, but on a global scale,” he added, saying attacks could aim at espionage, fraud, sabotage or destruction.

“We are getting closer, clearly, to a state of war - a state of war that could be more complicated, probably, than those we've known until now.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in