Previous post Next post

Swiss companies’ computers held for ransom in global hack attack

Virus Admeira

A computer screen at the Swiss advertising company Admeira shows the result of a cyberattack that struck on Tuesday - Click to enlarge

Swiss advertising conglomerate Admeira and six other Swiss companies are among those who fell victim to the latest global cyberattack demanding payment in Bitcoin in exchange for the return of hacked files and computer systems.

According to Admeira Head of Communications Romi Hofer, the first sign that something was wrong was when “screens went blank” at the company on Tuesday afternoon.

“There were some letters coming up [on the screen] and it seemed like a software update or something, but then nothing happened,” she recalls. “We called our help desk and they told us we might have been hit by a cyber-attack.”

Admeira is Switzerland’s largest advertising and marketing company formed through a partnership among telecom carrier Swisscom, private media brand Ringier and the Swiss Broadcasting Corporation (swissinfo.ch’s parent company). As of Wednesday morning, Admeira’s website was down and its team had been told not to use their computers anymore while specialists “prioritise and analyse” how to react, Hofer said.

Ransom in Bitcoin

The hackers are holding the hacked companies’ computers for ransom until they receive a payment of $300 (CHF290) in Bitcoin. They demand that payment be made into a single account and that payment confirmation be sent via e-mail. However, e-mail provider Posteo revoked access to the e-mail account named in the attack, making it pointless for companies to pay ransom. As of Wednesday morning, some 40 payments had been made to the hackers’ account. Experts believe that attackers launched the virus to sow chaos and not to make a profit.

The Russian IT security firm Kaspersky reported some 2,000 incidences of the same attack, most of them in Russia and Ukraine but also in Switzerland, Poland, Italy, Britain, France and the United States.

Admeira is one of seven companies in Switzerland to have been hacked, according to the Swiss government’s Reporting and Analysis Centre for Information Assurance (MELANI), but was the only one to have publicly reported it via Twitter.

Which virus?

Security experts are divided over whether the attack is a variant of the so-called “Petya” virus which locks computers and demands ransom. In the past, these Trojan viruses have gained access to computers via outdated Windows software, as was also the case with the recent global “WannaCry” attack. A spokesman for MELANI said the agency is analysing the virus but cannot provide details, while Kaspersky analysts believe the virus is not Petya but a new software disguised as such.

Worldwide, companies hit by the attack include the Russian oil company Rosneft, the US pharmaceutical company MSD/Merck, the French railways SNCF, German cosmetics company Beiersdorf, Danish shipper Maersk and food company Mondelez.

Admeira spokeswoman Hofer said that her company will be able to proceed as normal for the next few days because those advertising slots have already been booked. However, after that point, they are “not sure how things will continue”.

swissinfo.ch

 

Full story here Are you the author?
About Swissinfo
Swissinfo
SWI swissinfo.ch – the international service of the Swiss Broadcasting Corporation (SBC). Since 1999, swissinfo.ch has fulfilled the federal government’s mandate to distribute information about Switzerland internationally, supplementing the online offerings of the radio and television stations of the SBC. Today, the international service is directed above all at an international audience interested in Switzerland, as well as at Swiss citizens living abroad.
Previous post See more for 3) Swiss Markets and News Next post
Tags: ,

Permanent link to this article: https://snbchf.com/2017/06/swiss-companies-computers-ransom-hack-2/

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.