After WannaCry, ‘Petya’ Ransomware hits Jawaharlal Nehru Port in Mumbai, operations suspended
New Delhi, June 28: All operations at the Jawaharlal Nehru Port (JNPT) were suspended on Wednesday after reports of the ‘Petya’ Ransomware infecting India’s largest container port emerged.
The ‘Petya’ ransomware has caused disruption at firms across the U.S. and Europe including advertising giant WPP, French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft.
The food giant Mondelez, legal firm DLA Piper, Danish shipping and transport giant AP Moller-Maersk and Heritage Valley Health System, which runs hospitals and care facilities in Pittsburgh, also said their systems had been hit by the malware.
The ransomware is similar to WannaCry in terms of demanding bitcoins to unlock the encrypted files.
Infected computers display a message demanding a Bitcoin ransom worth USD 300. Those who pay are asked to send confirmation of payment to an email address. However, that email address has been shut down by the email provider, reported the Guardian.
“We do not tolerate any misuse of our platform,” said the German email provider Posteo, in a blog post.
This means that there is no longer any way for people, who decide to pay the ransom to contact the attacker for a decryption key to unlock their computer.
The attack was first reported in Ukraine, where the government, banks, state power utility and Kiev’s airport and metro system were all affected. The radiation monitoring system at Chernobyl was taken offline, forcing employees to use hand-held counters to measure levels at the former nuclear plant’s exclusion zone.
Some technology experts said the attack appeared consistent with an “updated variant” of a virus known as Petya or Petrwrap, a ransomware that locks computer files and forces users to pay a designated sum to regain access.
But analysts at cyber security firm Kaspersky Labs said they had traced the infections to “a new ransomware that has not been seen before”. The “NotPetya” attack had hit 2,000 users in Russia, Ukraine, Poland, France, Italy, the UK, Germany and the US, Kaspersky said.
Last month’s WannaCry or WannaCrypt ransomware attack affected more than 2,30,000 computers in over 150 countries, with the U.K.’s national health service, Spanish phone giant Telefonica and German state railways among those hardest hit.