Cyberattacks Hit Local Government Websites, European Businesses
Just weeks after the WannaCry ransomware attack hit organizations across the globe, hackers have launched a new surge of cyberattacks.
Local and State Websites See Slew of Hacks
Local government websites in at least three states have reported experiencing cyberattacks that replace website content with what appears to be pro-ISIS propaganda, CNN reports.
Websites for the Washington state Department of Health, Howard County, Md., the town of Brookhaven, N.Y., and several websites in Ohio all confirmed similar hacking incidents taking place over the weekend.
Ohio appears to be the worst hit by the attacks thus far, impacting 11 state websites on Sunday. As of Monday morning, all government websites were back up and running. While technicians are still scanning the websites, Tom Hoyt, spokesman for the Ohio Department of Administrative Services, told the Columbus Dispatch that the government had no reason to believe as of yet that data were accessed or compromised.
Howard County’s website is back online as well, and the government has said that there was no data breach and no personal information was compromised.
Brookhaven officials have taken down the website and are currently working to resolve the issue.
A New Rash of Cyberattacks Take Europe
A widespread ransomware assault hit Europe on Tuesday, targeting government and key infrastructure, the Washington Post reports.
Deputy Head of the Presidential Administration @dshymkiv instructed the team to help IT teams of other governmental institutions pic.twitter.com/iQw33ZJO7X
— The Bankova (@TheBankova) June 27, 2017
Ukraine was the first to report the hacking incidents, dubbed Petya, saying the attacks had targeted “government ministries, banks, utilities and other important infrastructure and companies nationwide,” the source reports, as well as airport departure tables. The ransomware is demanding cryptocurrency bitcoin payment from government employees before it will release encrypted data.
The attack is continuing to spread, with Russian oil company Rosneft and Danish transport and energy company Maersk reporting their systems are down due to cyberattacks.
We can confirm that Maersk IT systems are down across multiple sites and business units. We are currently assessing the situation.
— Maersk (@Maersk) June 27, 2017
The spreading mechanism is still unknown, but analysts at Symantec have reported that the ransomware is likely using EternalBlue, the same exploit used in the WannaCry attacks that takes advantage of a weakness in Microsoft’s server message block.
Symantec analysts have confirmed #Petya #ransomware, like #WannaCry, is using #EternalBlue exploit to spread
— Security Response (@threatintel) June 27, 2017
The issue has been patched, but customers need to apply the patch in order to keep their systems safe.