World

Here’s Just Who Got Hit By The Latest Massive Cyberattack

Hospitals, state-run infrastructure, and even supermarkets were hit hard by the latest wave of ransomware based on NSA-developed exploits.

Posted on

More than 2000 computers and millions of people were affected on Tuesday as a virus ran rampant in the computer systems of companies and government infrastructure alike around the world.

Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts to tack… https://t.co/OZez5RfehL

The ransomware virus — which infects a computer and then encrypts its files, promising to decrypt them if a ransom is paid — crippled state-run infrastructure and major companies.

The exploit, dubbed ExPetr, takes advantage of a vulnerability in Microsoft’s Windows XP through 2008, and was also used for the WannaCry attack that happened in May. (North Korea has been identified as the likely source of WannaCry.)

EternalBlue was developed by the NSA over five years ago and remained secret until April, when a trove of NSA secrets were disclosed by a group known as the Shadow Brokers. NSA alerted Microsoft to the vulnerability in March and Microsoft has released a patch, however the patch depends on end-users making software updates, leaving those who are slow to update vulnerable to attack.

It remains unclear who was behind Tuesday’s attack.

Schroedinger’s Pet(ya) via @Securelist #petya #notpetya https://t.co/yh5y7WCcun

Ukraine was the hardest hit, but companies in Russia, the United States, UK, Denmark, France, and others were also hit. Initially Symantec and Kaspersky Labs had identified the attack as a strain of Petya, a virus available for distribution on the dark web, but Kaspersky Labs released a statement later in the day saying that this is “new ransomware that has not been seen before," and that they were renaming it NotPetya.

To give a sense of scale of the attack, here’s a list of just some of its targets by country:

Ukraine:

1. The Cabinet of Minister’s Secretariat

Та-дам! Секретаріат КМУ по ходу теж "обвалили". Мережа лежить.

A supermarket in Ukraine. The country is under cyberattack. via @golub

A tipster sends along this photo taken outside DLA Piper's D.C. office around 10am. #Petya

Otillia Steadman is a world assistant for BuzzFeed News and is based in New York.

Contact Otillia Steadman at otillia.steadman@buzzfeed.com.

Got a confidential tip? Submit it here.