Australian businesses have been hit by the latest ransomware attack that struck computer systems at firms and agencies across Europe and the US, in a ‘wake-up call’ for Australia.
Production at Cadbury’s famous chocolate factory in Hobart stopped after its parent company, Mondolez International, was engulfed in the latest cyber attack sweeping the globe.
Transport giant TNT and international legal firm DLA Piper, both of which have offices across Australia, are among those struggling to get their computers working again after they were frozen by the Petya virus.
Australian staff of DLA Piper were warned by a text message on Wednesday morning not to log in or turn on their computers. The IT systems were taken down to contain the situation, according to the text message supplied to the ABC.
Prime Minister Malcolm Turnbull said the government is closely monitoring the Australian impact of the cyber attack.
Mr Turnbull urged businesses and households that suspect they’ve been hit to contact the Australian Cyber Security Centre.
“This attack does appear very similar to the WannaCry ransomware attack,” he told reporters in Cooma NSW.
Production at the Cadbury factory stopped about 9.30pm on Tuesday after computers stopped working at the factory, according to John Short, the Tasmanian secretary of the Australian Manufacturing Workers’ Union.
Mr Short said the factory’s 500 employees, who produce about 50,000 tonnes of chocolate a year, turned up for work on Wednesday, but it’s unclear how long it will take to restore the computer systems so that production can resume.
“Obviously we’re hopeful it’s not going to be too long but we’re not sure how severe the attack is,” Mr Short told AAP.
A photo supplied to the ABC shows a message on computer screens at the Cadbury factory instructing a ransom is to be paid in bitcoin currency.
DLA Piper said it was taking steps to remedy the issue as quickly as possible.
“The firm, like many other reported companies, has experienced issues with some of its systems due to suspected malware,” the firm said in a statement.
Australia’s cyber security minister Dan Tehan said the fresh attack was a wake-up call for Australian businesses to regularly back up their data and install the latest security patches.
Local authorities were doing everything possible to prevent the virus spreading here, he said.
“We are aware of the situation and monitoring it closely, we are in contact with our Five Eyes partners,” he said.
“If your business has been infected you should isolate the affected computer from your network to prevent the software spreading and use backup data to restore information.”
Moscow-based cyber security firm Group IB said the ransomware infects and locks a computer, and then demands a US$300 ($A395) ransom to be paid in Bitcoins.
Alastair MacGibbon, the special advisor to the prime minister on cyber security, warned computer users not to be tempted to pay those demanding a ransom in exchange for unlocking their computer.
Experts suggest the malware is taking advantage of the same weaknesses used by the Wannacry attack last month.
Many firms, including US anti-virus giant Symantec, have suggested the ransomware is a variant of Petya, a known ransomware, but Russian cyber-security firm Kaspersky Lab preliminary findings indicate the attacks are from a new ransomware which it’s calling NotPetya.
Kaspersky said it had detected suspected attacks in Poland, Italy, Germany, France and the US, as well as the UK, Russia and Ukraine.
— Anthony Daquin (@AnthonyDaquin) June 27, 2017
– With agencies