Companies slow to recover from cyberattack

Technology > Security

Many businesses are still far from running normally almost a week after the massive cyber attack on June 27 hit their systems.

Several companies reported hampered operations due to hopelessly scrambled computer networks.  The Heritage Valley Health System could not offer their usual lab and diagnostic imaging services in 14 community and neighborhood offices in western Pennsylvania. DLA Piper, a London-based law firm with offices in 40 countries, said on its website that email systems were still down.

The malware which security experts call “NotPetya” (as it masquerades the Petya ransomware), originally targeted Ukraine.  Experts said collateral damage might include some Fortune 1000 companies. Dave Kennedy, a former Marine cyberwarrior who is now CEO of the security company TrustedSec, said a lot more “isn’t being reported by companies who don’t want to say that they are hit.”

Kennedy said a US client’s entire network of more more than 5,000 computers was hit, including “their backups, servers, their workstations -- everything.”  

In some firms, employees are actually back to using pen and ink to jot down credit card numbers; some even have to use their personal cellphones to maintain business communications.

NotPetya was unleashed through Ukraine tax software, called MeDoc. Customers’ networks became infected from downloading automatic updates from its maker’s website. Many customers are multinationals with offices in the eastern European nation.

Microsoft said that NotPetya managed to hit companies in at least 64 nations, including Russia, Germany, and the United States. Victims include drug giant Merck & Co. and the shipping company FedEx’s TNT subsidiary. Trade in FedEx stock was temporarily halted Wednesday, June 28.

One major victim, Danish shipping giant A.P. Moller-Maersk, said Friday, June 30, that its cargo terminals and port operations were “now running close to normal again.” It said operations had been restored in Spain, Morocco, India, Brazil, Argentina, and Lima, Peru, but problems lingered in Rotterdam, the Netherlands; Elizabeth, New Jersey; and Los Angeles.

In Ukraine, officials assured the public that the outbreak was under control, and service has been restored to cash machines and in the airport.  However, some bank branches remain closed as IT professionals scramble to rebuild networks from scratch.

Ukraine’s government said Thursday, June 29, that the FBI and Britain’s National Crime Agency are assisting in its investigation of the malware.

Experts have blamed pro-Russian hackers for major cyber attacks on the Ukrainian power grid in 2015 and 2016, assaults that have turned the eastern European nation into the world’s leading cyber warfare testing ground.

Image by: Christoph Scholz // Flickr