New Cyberattack Goes Global, Hits WPP, Rosneft, Maersk
This article by Giles Turner , Volodymyr Verbyany , and Stepan Kravchenko for Bloomberg may be of interest to subscribers. Here is a section:
The hack quickly spread from Russia and the Ukraine, through Europe and into the U.S. A.P. Moller-Maersk, operator of the world’s largest container line, said its customers can’t use online booking tools and its internal systems are down. The attack is affecting multiple sites and units, which include a major port operator and an oil and gas producer, spokeswoman Concepcion Boo Arias said by phone.
APM Terminals, owned by Maersk, is experiencing system issues at multiple terminals, including the Port of New York and New Jersey, the largest port on the U.S. East Coast, and Rotterdam in The Netherlands, Europe’s largest harbor. APM Terminals at the Port of New York and New Jersey will be closed for the rest of the day “due to the extent of the system impact,” the Port said.
Cie de Saint-Gobain, a French manufacturer, said its systems had also been infected, though a spokeswoman declined to elaborate, and the French national railway system, the SNCF, was also affected, according to Le Parisien. Mondelez International Inc. said it was also experiencing a global IT outage and was looking into the cause. Merck & Co. Inc., based in Kenilworth, New Jersey, reported that its computer network was compromised due to the hack.
The Wannacry cyberattack occurred in May and hit a number of hospitals and transportation networks. The first conclusion we can draw from the new but similar Petya virus is that it has taken hackers less than a month to iron out the bugs with their first attempt. The next iteration of the attack will likely be even more sophisticated.
These kinds of attacks exploit errors in Windows that came to light following leaks from the NSA and are now common knowledge in the hacker community. Even though patches are available and more up to date software does not have these gaps, the reality is that large numbers of companies and organisations are running what is for all intents and purposes antiquated software.
Microsoft adopted a subscription model a couple of years ago which should make it easier for companies to plan their expenditure on software and ensures they will always be running the most up to date version. However that requires an increasingly urgent change of culture within the technology buying community since they are used to one-time large upfront purchases.
Microsoft’s share is currently at risk of unwinding its overbought condition relative to the trend mean but a sustained move below it would be required to question medium-term scope for additional upside.
The Purefunds Cyber Security ETF remains in an 18-month step sequence uptrend and a sustained move below the trend mean would be required to question medium-term upside potential.
The ransom for the Petya hack is $300 in cryptocurrency and may have been a factor in the price of Ethereum rallying to just about test that level a couple of days after its flash crash to 10¢. This article from Leonid Bershidsky raises the possibility that the low ransom and embedded difficulty in paying it was nothing more than a test run for offensive cyber strategies that could be employed on a wider scale later. There is no doubting geopolitical risk premia are rising. Cybersecurity is likely to represent an important battleground in future conflagrations not least because the internet is so important and comparatively cheap to attack on a global scale.