Expect fair to partly cloudy conditions today with chances of fog and mist formation in some areas
"There have been indications of late that Petya is in circulation again, exploiting the SMB (Server Message Block) vulnerability," the Swiss Reporting and Analysis Centre for Information Assurance (MELANI) said in an e-mail.
It said it had no information that Swiss companies had been impacted, but said it was following the situation. The Petya virus was blamed for disrupting systems in 2016.
Russia's top oil producer Rosneft said a large-scale cyber attack hit its servers on Tuesday, with computer systems at some banks and the main airport in neighboring Ukraine also disrupted.
Company and government officials reported serious intrusions at the Ukrainian power grid, banks and government offices, where one senior official posted a photo of a darkened computer screen and the words, "the whole network is down". Ukraine's prime minister said the attack was unprecedented but that "vital systems haven't been affected".
The number of companies and agencies reportedly affected by the ransomware campaign was piling up fast, and the electronic rampage appeared to be rapidly snowballing into a real-world crisis. Dutch daily Algemeen Dagblaad says that container ship terminals in Rotterdam run by a unit of Maersk were also affected. Rosneft said that the company narrowly avoided major damage.
"The hacking attack could have led to serious consequences but neither the oil production nor the processing has been affected thanks to the fact that the company has switched to a reserve control system," the company said.
There's very little information about what might be behind the disruption at each specific company, but cybersecurity experts rapidly zeroed in on a form of ransomware, the name given to programs that hold data hostage by scrambling it until a payment is made.
"A massive ransomware campaign is currently unfolding worldwide," said Romanian cybersecurity company Bitdefender. In a telephone interview, Bitdefender analyst Bogdan Botezatu said that he had examined samples of the program and that it appeared to be nearly identical to GoldenEye, one of a family of hostage-taking programs that has been circulating for months.
It's not clear whether or why the ransomware has suddenly become so much more potent, but Botezatu said that it was likely spreading automatically across a network, without the need for human interaction. Self-spreading software, often described as "worms," are particularly feared because they can spread rapidly, like a contagious disease.
"It's like somebody sneezing into a train full of people," said Botezatu. "You just have to exist there and you're vulnerable."
The world is still recovering from a previous outbreak of ransomware, called WannaCry or WannaCrypt, which spread rapidly using digital break-in tools originally created by the US National Security Agency and recently leaked to the web.
This particular variant of ransomware leaves a message with a contact email; several messages sent to the address were not immediately returned.
Expect fair to partly cloudy conditions today with chances of fog and mist formation in some areas
Iran fired air defense batteries after reports of explosions near a major airbase at the city of Isfahan
Other requests include residents seeking assistance with cleaning mud accumulation, restoring damaged furniture
Many students wade through waist-deep water to head to neighbour's house for online classes
With 30% of their inventory damaged, owners of Preloved Books now face the daunting task of rebuilding from scratch
Some doctors are already seeing more patients coming in with fever, diarrhoea, and dysentery
Five-time champions hold their nerve to claim victory by nine runs in the final over at Chandigarh
Natasha Abbas is a British civil engineer who co-founded North 51, a project management consultancy in Dubai