AP Moller-Maersk and TNT Express are among a rapidly growing number of companies so far affected by this week’s global cyber-attack, which has also hit Ukraine’s power network, transport services and banks, as well as the Rosneft oil company in Russia.
Security experts said a malicious software called Petya and a similar strain of the virus called GoldenEye were responsible. More companies are expected to be affected by the attack this week.
Maersk, one of the world’s biggest ocean carriers with 600 vessels, said the ransomware attack had brought down IT systems across multiple sites around the world and also hit its terminal division, APM Terminals, at a number of ports. Operations at certain ports, including those in India, are having to be handled manually and ships diverted to alternative terminals that have escaped infection.
In a statement, the company said that Maersk Line ocean-going vessels were manoeuvrable and able to communicate, and that their crews were safe.
“We have contained the issue and are working on a technical recovery plan with key IT partners and global cyber-security agencies,” said Maersk.
TNT Express advised customers that they could see delays in the transit of shipments “particularly inter-continental or non-EU European delivery” while it worked to fix its systems. It added that it was not able to collect shipments of dangerous goods.
The latest attack follows one last month in which the ‘WannaCry’ virus infected 150 businesses around the world, including Renault-Nissan, German rail provider Deutsche Bahn and FedEx (which now owns TNT Express).
Last week, Honda announced that it had halted production at the Samaya plant in Japan after finding the WannaCry ransomware in its network. The carmaker said the virus had affected networks across Japan, North America, Europe, China and other regions but production at other plants had not been stopped.
Software expert Bitdefender said that the GoldenEye strain of the ransomware, which began spreading on Tuesday, encrypted a computer’s entire hard disk and denied the user access to their files. However, unlike Petya, Bitdefender said there was no way to help those affected retrieve the decryption keys from the computer and all data could be destroyed.
The malware is affecting computers using older Microsoft platforms which it forcibly crashes to trigger a reboot that renders the computer unusable until the $300 ransom is paid in bitcoins.