Stillness in the Storm

An Agent for Consciousness Evolution

NSA Software Behind Latest Global Ransomware Attack

By Leave a Comment

Spread the love



(Zero Hedge) “It’s like WannaCry all over again,” said Mikko Hypponen, chief research
officer with Helsinki’s cybersecurity firm F-Secure, when discussing
today’s latest outbreak of the WannaCry-like ransomeware attack, which
as we reported earlier started in Ukraine, and has since spread to
corporate systems across the world, affecting Russian state oil giant
Rosneft, the international shipping and energy conglomerate Maersk, and
the UK public relations company WPP, before jumping across the Atlantic
and going global, by infecting the US-based division of global pharma
giant Merck, which this morning confirmed it has been hit by the “Petya”
attack.

Related BREAKING: “Massive Cyberattack” Spreads Across Europe, Hits Ukraine, Russia, UK, Denmark

SourceThe Daily Sheeple

by Zero Hedge, June 27th, 2017

“We confirm our company’s computer network was compromised today as part of global hack,” Merck said in a statement on Tuesday. “Other organizations have also been affected. We are investigating the matter and will provide additional information as we learn more.”

Merck employees were instructed to disconnect all mobile devices from the company network and advised not to speak to reporters or post messages on social media accounts.

Computers at Merck facilities in Pennsylvania and New Jersey locked up Tuesday morning around 8am local time, according to the Inquirer.

Back in mid-May, when WannaCry spread with tremendous speed around the globe, many said that it’s only a matter of time before the virus returns in a more advanced, weaponized version. Sure enough, cyber security experts quoted by Reuters said those behind the attack appeared to have exploited the same hacking tool used in the WannaCry ransomware attack that infected hundreds of thousands of computers in May before a British researcher created a temporary kill-switch.

Hypponen said he expected the outbreak to spread in the Americas as workers turned on vulnerable machines, allowing the virus to attack. “This could hit the U.S.A. pretty bad,” he said. And, as Merck confirmed, it already has.

Within hours of the first attack, the U.S. Department of Homeland Security said it was monitoring reports of cyber attacks around the world and coordinating with other countries.

The first reports of organizations being hit emerged from Russia and Ukraine, but the impact quickly spread westwards to computers in Romania, the Netherlands, Norway, and Britain.

Within hours, the attack had gone global.

In addition to the US, a Swiss government agency also reported computer systems were affected in India, though the country’s cyber security agency said it had yet to receive any reports of attacks according to Reuters.

For those infected, there may be just one option: pay the ransom. One victims of the cyber attack, a Ukrainian media company, said its computers were blocked and it had a demand for $300 worth of the Bitcoin crypto-currency to restore access to its files.

“If you see this text, then your files are no longer accessible, because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service,” the message said, according to a screenshot posted by Ukraine’s Channel 24. The same message appeared on computers at Maersk offices in Rotterdam and at businesses affected in Norway.

Other companies that said they had been hit by a cyber attack included Russian oil producer Rosneft, French construction materials firm Saint Gobain and the world’s biggest advertising agency, WPP – though it was not clear if their problems were caused by the same virus. “The building has come to a standstill. It’s fine, we’ve just had to switch everything off,” said one WPP employee who asked not to be named.

The virus was seen on various Ukraine ATMs, leading to jokes that while normally you ask ATMs for money, in hacked Ukraine, ATMs ask you.

Cyber security firms scrambled to understand the scope and impact of the attacks, seeking to confirm suspicions hackers had leveraged the same type of hacking tool exploited by WannaCry, and to identify ways to stop the onslaught. Experts said the latest ransomware attacks unfolding worldwide, dubbed GoldenEye, were a variant of an existing ransomware family called Petya.

It uses two layers of encryption which have frustrated efforts by researchers to break the code, according to Romanian security firm Bitdefender. “There is no workaround to help victims retrieve the decryption keys from the computer,” the company said.

Russian security software maker Kaspersky Lab, however, said its preliminary findings suggested the virus was not a variant of Petya but a new ransomware not seen before.

As noted earlier, Ukraine was quick to accuse Russia. An advisor to Ukraine’s interior minister said the virus got into computer systems via “phishing” emails written in Russian and Ukrainian designed to lure employees into opening them. According to the state security agency, the emails contained infected Word documents or PDF files as attachments.

But whatever the origin of the geographic hacking operation, the actual software used is the same that was created by the NSA and subsequently leaked by a disgruntled non-Russian employee. Now we are just waiting for the confirmation.

As a reminder, the quick proliferation of the original WannCry malware, which infected nearly 300,000 computers worldwide within a day, was due entirely to its use of two powerful software exploits that were released to the public in April by the anonymous hacker group calling itself the Shadow Brokers, which said the exploits were developed by the US National Security Agency (NSA).

On Tuesday, Edward Snowden asked “How many times does @NSAGov’s development of digital weapons have to result in harm to civil infrastructure before there is accountability?”

Apparently, not enough.

Meanwhile, governments and so-called experts had laughably come to the conclusion that the North Korean government was behind the original WannaCry attack. We just can’t wait for the those same “experts” to again blame this latest global malware attack on Kim and his team of crack blackhats.

Finally, for those who want to keep track of how many people have made the ransom payment, there is a twitter for that: there is now a Twitter bot, @petya_payments, that will tweet each time a new ransom payment is made to the bitcoin wallets associated with the Petya attack.

_________________________
Stillness in the Storm Editor’s note: Did you find a spelling error or grammar mistake? Do you think this article needs a correction or update? Or do you just have some feedback? Send us an email at [email protected] with the error, headline and urlThank you for reading.

Notices and Disclaimers

We need $2000 per month to pay our costs. Help us one time or recurring(DONATE HERE)

To sign up for RSS updates, paste this link (https://stillnessinthestorm.com/feed/) into the search field of your preferred RSS Reader or Service (such as Feedly or gReader).

Subscribe to Stillness in the Storm Newsletter

“It is the mark of an educated mind to be able to entertain a thought without accepting it.” – Aristotle

This website is supported by readers like you.

If you find our work of value, consider making a donation

Stillness in the Storm DISCLAIMER: All articles, videos, statements, claims, views and opinions that appear anywhere on this site, whether stated as theories or absolute facts, are always presented by Stillness in the Storm as unverified—and should be personally fact checked and discerned by you, the reader. Any opinions or statements herein presented are not necessarily promoted, endorsed, or agreed to by Stillness, those who work with Stillness, or those who read Stillness. Any belief or conclusion gleaned from content on this site is solely the responsibility of you the reader to substantiate, fact check, and no harm comes to you or those around you. And any actions taken by those who read material on this site is solely the responsibility of the acting party. You are encouraged to think carefully and do your own research. Nothing on this site is meant to be believed without question or personal appraisal.

Content Disclaimer: All content on this site marked with “source – [enter website name and url]” is not owned by Stillness in the Storm. All content on this site that is not originally written, created, or posted as original, is owned by the original content creators, who retain exclusive jurisdiction of all intellectual property rights. Any copyrighted material on this site was shared in good faith, under fair use or creative commons. Any request to remove copyrighted material will be honored, provided proof of ownership is rendered. Send takedown requests to [email protected].

What is our mission? Why do we post what we do?

Our mission here is to curate (share) articles and information that we feel is important for the evolution of consciousness. Most of that information is written or produced by other people and organizations, which means it does not represent our views or opinions as managing staff of Stillness in the Storm. Some of the content is written by one of our writers and is clearly marked accordingly. Just because we share a CNN story that speaks badly about the President doesn’t mean we’re promoting anti-POTUS views. We’re reporting on the fact as it was reported, and that this event is important for us to know so we can better contend with the challenges of gaining freedom and prosperity. Similarly, just because we share a pro/anti-[insert issue or topic] content, such as a pro-second amendment piece or an anti-military video doesn’t mean we endorse what is said. Again, information is shared on this site for the purpose of evolving consciousness. In our opinion, consciousness evolves through the process of accumulating knowledge of the truth and contemplating that knowledge to distill wisdom and improve life by discovering and incorporating holistic values. Thus, sharing information from many different sources, with many different perspectives is the best way to maximize evolution. What’s more, the mastery of mind and discernment doesn’t occur in a vacuum, it is much like the immune system, it needs regular exposure to new things to stay healthy and strong. If you have any questions as to our mission or methods please reach out to us at [email protected].

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *