Global Cyberattack Hits Indian Port
June 28, 2017
A global cyberattack disrupted operations Wednesday at India's
largest container port, adding to the headaches of governments
and businesses affected by so-called ransomware code that takes
a user's data hostage until the victim agrees to pay for its
The problems at Jawaharlal Nehru Port in Mumbai involved a
terminal run by Danish shipping giant A.P. Moller-Maersk. The
company had said Tuesday as the attack was spreading largely in
Europe and the United States that the malicious code was
affecting terminals "in a number of ports."
Australia's Cyber Security Minister Dan Tehan told reporters
Wednesday that officials have not yet confirmed the same
computer virus was responsible for ransomware attacks on two
Australian companies, but that "all indications would point to"
that being the case.
Banks, government offices and airports in Ukraine were among the
first to report the cyberattack.
Ukrainian Deputy Prime Minister Pavlo Rozenko tweeted a photo of
his black computer screen, saying the government's headquarters
had been shut down.
Other international firms that reported being affected include
America's Merck pharmaceutical company, Russia's Rosneft oil
giant, British advertising giant WPP and French industrial group
"We confirm our company's computer network was compromised today
as part of global hack. Other organizations have also been
affected," Merck said on Twitter.
A U.S. National Security Council spokesman said the Department
of Homeland Security, the FBI and other agencies are "working
with public and private, domestic and international partners to
respond to this event and provide technical information for
prevention and remediation."
"Individuals and organizations are discouraged from paying the
ransom as this does not guarantee access will be restored," the
Europol's European Cybercrime Center has told anyone affected by
Tuesday's attack to report the crime to national police and
encouraged them not to pay any ransom requested by hackers.
"What is interesting about this particular case is that the
email system that is supposed to be used to deposit the Bitcoin
ransoms has actually been disabled, so the hackers in this case
may not get what they bargained for," Cedric Leighton, who
operates his own crisis management consultancy, told VOA.
computer virus used in the attack includes code known as Eternal
Blue, a tool developed by the NSA that exploited Microsoft's
Windows operating system and which was published on the internet
in April by a group called Shadowbrokers. Microsoft released a
patch to protect systems from the exploit in March.
A similar ransomware attack last month named "WannaCry" affected
computer systems in 150 countries.
Tim Rawlins, director of the Britain-based cybersecurity
consultancy NCC Group, says these attack continue to happen
because people have not been keeping up with effectively
patching their computers.
"This is a repeat WannaCry type of outbreak and it really comes
down to the fact that people are not focusing on what they
should be focusing on, the very simple premise of patching your
systems," Rawlins told VOA.