Ransomware known as Petya seems to have re-emerged to affect computer systems across Europe, causing issues primarily in Ukraine, Russia, England, Germany and India, a Swiss government information technology agency said on Tuesday.
"There have been indications of late that Petya is in circulation again, exploiting the SMB (Server Message Block) vulnerability," the Swiss Reporting and Analysis Centre for Information Assurance (MELANI) said in an e-mail.
It said it had no information that Swiss companies had been impacted, but said it was following the situation. The Petya virus was blamed for disrupting systems in 2016.
- Hackers targeting Israel often experience 'unexpected mishaps', says Israeli security chief
- Cybereason wins $100m investment from SoftBank
- Russian hackers targeted election systems of 21 U.S. states last year, U.S. official tells Congress
The hack has already caused widespread disruption across Europe, hitting Ukraine especially hard.
Company and government officials reported serious intrusions at the Ukrainian power grid, banks and government offices. Russia's Rosneft oil company also reported falling victim to hacking, as did Danish shipping giant A.P. Moller-Maersk.
Ukraine's prime minister called the cyberattack "unprecedented" but "vital systems haven't been affected." Deputy Prime Minister Pavlo Rozenko on Tuesday posted a picture of a darkened computer screen to Twitter, saying that the computer system at the government's headquarters has been shut down.
There's very little information about who might be behind the disruption, but technology experts who examined screenshots circulating on social media said it bears the hallmarks of ransomware, the name given to programs that hold data hostage by scrambling it until a payment is made.
The world is still recovering from a previous outbreak of ransomware, called WannaCry or WannaCrypt, which spread rapidly using digital break-in tools originally created by the U.S. National Security Agency and recently leaked to the web.