Networking and security major Cisco has recently discovered that the computer virus that is affecting companies and institutions around the globe is a latest variant of ransomware called Nyetya -WannaCry’s bad cousin.
According to the company, “The new cyber attack started massively affecting dozens of companies and institutions in the world, beginning with Russia and Ukraine on Tuesday, and now spreading to Asia and Australia on Wednesday.”
It is also reported by Cisco’s Talos cyber security division that this damage of computer virus “uses the same Eternal Blue exploit – a vulnerability used by the US National Security Agency (NSA) – and other weaknesses of Microsoft’s operating system to spread.”
Talos cyber security executive Craig Williams said, “Nyetya is also very similar to WannaCry, the ransomware that affected 200,000 people in 150 countries in May, encrypting data on infected computers and asking for a ransom to recover them.”
“However, in the case of the virus emerging on Tuesday, which is quite “different” from the Petya virus, its infection “will spread very quickly if the ‘bad guys’ behind it decide to do so,” Williams said.
It is also reported that many companies in the Asia Pacific region, like the Mondelez owned Cadbury chocolate factory in Hobart, Tasmania, and the global law firm DLA Piper were affected on Wednesday.
In an important note published by the Hong Kong website of DLA Piper, “We are currently dealing with a serious global cyber incident” adding that “we have taken down our systems as a precautionary measure which will mean you are currently unable to contact us by email or landline.”
Cisco said, “Nyetya is “WannaCry’s bad cousin” and “initial vector identification has shown that the virus is more defiant.”
The virus has disabled the e-mails of some of the companies and institutions and, therefore, prevented them from contacting the cybercriminals to recover their information after their computers were disconnected.