A global ransomware outbreak known as Petya has government agencies and private businesses around the globe scrambling to get their systems back online and recover their data.
The ransomware spread like wildfire on Tuesday, hitting organizations across Europe and the US. According to Microsoft, Petya has affected more than 12,500 machines in just the Ukraine, where the first infections were identified. Since then, it has spread to another 64 countries, including Belgium, Brazil, Germany, Russia, and the US.
The Petya outbreak comes after hundreds of thousands of PCs were attacked last month by ransomware known as WannaCry, which threw government agencies and private businesses around the globe into disarray. WannaCry resurfaced just last week, infecting the network at a Honda factory in Japan and traffic cameras in Australia.
Who has been affected?
The Petya ransomware has already taken offline several critical infrastructure institutions in Ukraine, according to Bogdan Botezatu, senior e-threat analyst at cyber security firm Bitdefender. Ukraine’s state power distributor Ukrenergo was hit, along with several of the country’s banks, and the Kiev Metro.
Beyond Ukraine, Petya has claimed a number of other high-profile victims, including: Chernobyl’s radiation monitoring system, law firm DLA Piper, pharmaceutical company Merck, Danish shipping and energy company Maersk, UK-based advertising and public relations firm WPP, and Russian oil industry company Rosnoft.
McAfee released a map (which you can see above) showing the distribution of its clients that have detected the current known samples of Petya, with darker colors representing a greater number of infections. The map appears to suggest that the US has been harder hit than Ukraine, though Chief Research Officer at security firm F-Secure Mikko Hypponen said that might not technically be the case, since McAfee has “much better visibility” in the US than Ukraine.