A ransomware attack hit computers across the world on 27 June, taking out servers at Russia's biggest oil company, disrupting operations at Ukrainian banks, and shutting down computers at multinational shipping and advertising firms.
Cyber security experts said those behind the attack appeared to have exploited the same type of hacking tool used in the WannaCry ransomware attack that infected hundreds of thousands of computers in May before a British researcher created a kill-switch.
"It's like WannaCry all over again," said Mikko Hypponen, chief research officer with Helsinki-based cyber security firm F-Secure.
India’s Largest Port Under Attack
Operations at one of the three terminals of the India's largest container port, the Jawaharlal Nehru Port (JNPT) were impacted as a fallout of the attack.
AP Moller-Maersk, one of the affected entities globally, operates the Gateway Terminals India (GTI) at JNPT, which has a capacity to handle 1.8 million standard container units.
“We have been informed that the operations at GTI have come to a standstill because their systems are down (due to the malware attack). They are trying to work manually,” a senior JNPT official told PTI tonight.
Fearing some clogging up of cargo, additional parking space is being made available, the official said, promising to help in any way that is possible.
Earlier India's cyber security agency had told Reuters that it is yet to receive any reports of a latest ransomware attack hitting computers, after a Swiss government agency identified India as one of the main victims.
Sanjay Bahl of the New Delhi-based Computer Emergency Response Team said he was monitoring the situation.
Spokespeople for top companies such as Amazon India, Infosys , Tata Consultancy Services, Flipkart and Ola said their systems were unaffected.
Cyber Attack Spreads Within Hours
Hypponen said he expected the outbreak to spread in the Americas as workers turned on vulnerable machines, allowing the virus to attack. “This could hit the USA pretty bad,” he said.
The US Department of Homeland Security said it was monitoring reports of cyber attacks around the world and coordinating with other countries.
The first reports of organisations being hit emerged from Russia and Ukraine, but the impact quickly spread westwards to computers in Romania, the Netherlands, Norway, and Britain.
Within hours, the attack had gone global.
Danish shipping giant AP Moller-Maersk, which handles one out of seven containers shipped globally, said the attack had caused outages at its computer systems across the world on Tuesday, including at its terminal in Los Angeles.
Pharmaceutical company Merck & Co said its computer network had been affected by the global hack.
A Swiss government agency also reported computer systems were affected in India, though the country's cyber security agency said it had yet to receive any reports of attacks.
Spanish media reported that the offices of large multinationals such as food giant Mondelez and legal firm DLA Piper also suffered attacks. French construction materials company St Gobain said it had also fallen victim.
Reports said the Kiev metro system stopped accepting payment cards while several chains of petrol stations suspended operations. Ukraine's Deputy Prime Minister Pavlo Rozenko tweeted a picture of a computer screen showing an error message.
"We also have a network 'down'," Rozenko said on Facebook. "This image is being displayed by all computers of the government."
Company in Norway Under Attack
A ransomware cyber attack took place on Tuesday afternoon in Norway (local time) and affected an unnamed "international company", said the Nordic country's national security authority.
A ransomware attack encrypts one's email and computer and can only be unlocked if money is paid.
“We see there is a ransomware attack that is actually ongoing. Only one international company has been affected in Norway,” said a spokeswoman for the authority, who declined to name the firm. “We have some extra resources to follow the situation closely ... We assume it is similar to the attack on Maersk,” she added.
Wholesale Stores in Ukraine Hit by Cyber Attack
Germany's Metro said on Tuesday that its wholesale stores in the Ukraine were hit by a cyber attack and the retailer was assessing the impact.
“The National Bank of Ukraine has warned banks about an external hacker attack on the websites of some Ukrainian banks which was carried out today,” Ukraine’s central bank said in a statement.
It came as Russian oil giant Rosneft said its servers had suffered a "powerful" cyberattack.
Radiation Checks at Ukraine's Chernobyl Site Affected
Some radiation checks at the Chernobyl nuclear disaster site in Ukraine had to be carried out manually on Tuesday after a wave of cyber attacks that hit Ukrainian institutions affected operations there, a state agency said.
“Due to the temporary disconnection of Windows systems, radiation monitoring of the industrial site is being carried out manually,” the state agency that oversees the Chernobyl exclusion zone said in a statement.
A representative of the agency told Reuters only the radiation checks on personnel entering and leaving the zone were done manually, while all other radiation monitoring was carried out as normal.
All technology systems of the station are working as normal.The Agency
Russian Oil Producer Hit
Russia's top oil producer Rosneft said a large-scale cyber attack hit its servers on Tuesday, with computer systems at some banks and the main airport in neighbouring Ukraine also disrupted.
“There have been indications of late that Petya is in circulation again, exploiting the SMB (Server Message Block) vulnerability,” the Swiss Reporting and Analysis Centre for Information Assurance (MELANI) said in an e-mail.
It said it had no information that Swiss companies had been impacted, but said it was following the situation.
17 APM Shipping Container Terminals Hit: Dutch Broadcaster
Seventeen shipping container terminals run by APM Terminals were hacked, including two in Rotterdam and 15 in other parts of the world, Dutch broadcaster RTV Rijnmond reported on Wednesday.
APM Terminals is a subsidiary of shipping giant Maersk , which has confirmed it is suffering from a cyber attack.
APM's website was difficult to reach and phones at its headquarters in The Hague and offices in Rotterdam went unanswered.
A spokeswoman for the company in Copenhagen confirmed its systems were "impacted" as part of Maersk's IT infrastructure.
The RTV report said computers were infected by ransomware that encrypted their hard drives. The broadcaster published an image of the screen of an affected machine with a message demanding a $300 payment.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)