"Massive Cyberattack" Spreads Across Europe, Hits Ukraine, Russia, UK, Denmark

Update 3: Germany's Merck also confirms it has been affected by the cyberattack:

* * *


* * *

Update: in addition to the below listed companies, all of which appear to have been targeted in the global cyberattack including Russia's Rosneft and metals giant Evraz, Danish shipper Maersk, UK ad company WPP, the Ukraine central bank, government and airport, more targets are emerging including Norway's national security authority which has said that a Ransomeware attack is ongoing in Norway "similar to the attack on Maersk", while Russia's Home Credit Bank said all domestic branches are closed because of the cyber attack.

As the Spectator adds, companies in Spain are also now affected by the cyberattack which appears to be a modification of the "WannaCry" virus, and has been named "Petya."

A Moscow-based cyber security firm, Group-IB, said it appeared to be a coordinated attack simultaneously targeting victims in Russia and Ukraine, according to Reuters.

* * *

Now that CNN is officially out of the "Russia hacking" fake news business, the Ukraine has decided to fill in the void, and moments ago Ukraine's Deputy Prime Minister Pavlo Rozenko said that the government's computer network was down, in what he claimed was a "massive cyberattack", one which has also impacted the central bank, power plant and airport, and promptly blamed Russia for being behind the attack without a shred of evidence. To "prove" the accusation, he posted a picture on Twitter of a computer screen showing an error message.

“We also have a network 'down',” he wrote. “This image is being displayed by all computers of the government.” The photo showed his PC displaying a message claiming a disk “contains errors and needs to be prepared”, urging the user not to turn it off.

According to local press, numerous Ukrainian institutions were hit by a wave of cyber attacks earlier in the day, including banks, the state energy distributor and Kiev's main airport. "We also have a network 'down'," Rozenko said on Facebook.

Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies.

According to Bloomberg, Kievenergo, a Ukrainian utility, switched off all computers after the hack, while another power company, Ukrenergo, was also affected, though “not seriously,” the Interfax news service reported. Ukrainian airports and railways are operating as usual, according to the Russian news service.

Ukrainian delivery network Nova Poshta halted service to clients after its network was infected, the company said on Facebook. Ukraine’s Central Bank warned on its website that several banks had been targeted by hackers.

After the attack, Ukraine quickly went for the empathy points, tweeting a meme from its official Twitter account.

“Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts to tackle the issue,” the account tweeted. Attached was an infamous "this is fine" gif.

* * *

So who's to blame? Why Russia of course.

Speaking to Interfax,the advisor to the Interior Minister of Ukraine, MP Anton Gerashchenko said that "a huge cyber-attack at Ukrainian companies on Tuesday has been organized by Russian intelligence services and it is one of the elements of the hybrid war against Ukraine,

"The intrusion is the biggest in Ukraine’s history,” Gerashchenko wrote on Facebook. The goal was “the destabilization of the economic situation and in the civic consciousness of Ukraine,” though it was “disguised as an extortion attempt,” he said.

"A huge cyber-attack has been started against Ukraine. It was done under the disguise that it is allegedly a virus… According to the preliminary information, this is an organized system, a kind of training by the Russian intelligence services. The attack aims at banks, media and transport communications," he said on 112.Ukraine TV Channel on Tuesday.

One wonders if that preliminary information came from the same FBI that incorrectly claimed the Qatar hack was organized by Russia, when Qatar itself later blamed the "blockade" countries as being behind it.

Gerashchenko said that the virus reached computers during several days and even weeks via getting mails. "Today, at 11:00 [the computers] that were affected by the virus in advance were activated. Thus, this is another example of using cyber-attacks in the hybrid war against our country," he said.

"I think that soon officers of the SBU, the cyber security department of the National Police will unveil the ways how this virus reached the targets and they propose the options to tackle the problem," he said.

* * *

Meanwhile, the fall out in Ukraine, which claimed the cyberattacks are a modified version of the "WannaCry" virus, has been extensive with Ukrainian state-run aircraft manufacturer Antonov among the companies reportedly hit, along with state power distributor Ukrenergo, which said the attack did not affect power supplies. The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected  along with financial firms.

“As a result of cyber attacks, these banks have difficulties with customer service and banking operations,” a statement said.

“The National Bank bank is confident that the banking infrastructure's defense against cyber fraud is properly set up and attempted cyber attacks on banks' IT systems will be neutralised.”

Oschadbank, one of Ukraine's largest state-owned lenders, said some of its services had been affected by a “hacking attack” but guaranteed that customer data was safe.

Computers and departure boards at Boryspil International Airport in Kiev – the largest in Ukraine – were also down. “The official site of the airport and the scoreboard with the schedule of flights aren't working!” the airport’s acting director, Pavel Ryabikin, wrote on Facebook.

* * *

It wasn't just Ukraine however. As The Independent writes, Danish shipping giant Maersk said its IT systems were down across “multiple sites and businesses due to a cyber attack”, although it was unclear whether it was related to the situation in Ukraine. The congolmerate is the largest container shipping company in the world and also operates in the oil and gas sectors.

Russia's Rosneft, a government-owned oil firm, also said it was targeted by a “massive hacker attack” on its servers, as was steel maker Evraz. "The cyber attack could lead to serious consequences, however, due to the fact that the Company has switched to a reserve control system, neither oil production nor preparation processes were stopped,” a statement from Rosneft said.

British advertising company WPP also said several units were affected by a suspected cyber attack.

Or, as Reuters summarizes:


It was not clear how and why Russian hackers would be able to hack the entire world, Russia included, but that probably does not matter: Ukraine has blamed Russia for repeated cyber attacks targeting crucial infrastructure during the past three years, including one on its power grid that left part of western Ukraine temporarily without electricity in December 2015. Today was just a continuation, and after all the world still demand Russia hacking narratives.


Ghost of PartysOver Creepy_Azz_Crackaah (not verified) Tue, 06/27/2017 - 10:51 Permalink

I wish I could believe the news and the good in government agencies but I don't.  Anyone remember the story about how the NSA has hacking programs specifically designed to make Russia appear responsible.?  Anyone remember that it was Obama, Clinton and Powers leading the Deep State to overthrow the Ukrainian government?  I keeping adding up the score and have decided that things are really bad or I just need to get a new tin foil hat.

In reply to by Creepy_Azz_Crackaah (not verified)

froze25 (not verified) WTFRLY Tue, 06/27/2017 - 11:10 Permalink

Ukraine Central Bank was already physically hacked, they flew all the gold out on unmarked jets in the middle of the night a couple of years ago now. I actually know one of the lead Engineers for the Federal reserve's cyber security, no one is hacking them unless they want them to. Its tighter then a crabs ass.

In reply to by WTFRLY

Shemp 4 Victory WTFRLY Tue, 06/27/2017 - 11:09 Permalink

This is a diversion by Poroshenko. Ever since the Kiev Regional Council called for his impeachment, he's been "cleaning up loose ends."On June 24th:Mysterious Death: One of the Initiators of Poroshenko’s Impeachment Had a “Car Accident”http://www.stalkerzone.org/mysterious-death-one-initiators-poroshenkos-… LPR Deputy: Poroshenko Could Be Behind the Blowing Up of the Colonel of Ukrainian Intelligencehttp://www.stalkerzone.org/former-lpr-deputy-poroshenko-behind-blowing-…

In reply to by WTFRLY

Urban Roman wildbad Tue, 06/27/2017 - 13:20 Permalink

Now that it is public knowledge that the 'IC' has all these hacking tools, and that they have had backdoors built into every piece of equipment down to the hardware level, it amazes me that $CSCO, $MSFT, $ORCL, $INTC, and $AAPL manage to sell a single unit of their crap outside the USA.If Canada had any sense, it would be ditching these companies as well.

In reply to by wildbad

SMG Sky flyer Tue, 06/27/2017 - 10:30 Permalink

Vault7UMBRAGEThe documents reportedly revealed that the agency had amassed a large collection of cyberattack techniques and malware produced by other hackers. This library was reportedly maintained by the CIA's Remote Devices Branch's UMBRAGE group, with examples of using these techniques and source code contained in the "Umbrage Component Library" git repository. According to WikiLeaks, by recycling the techniques of third-parties through UMBRAGE, the CIA can not only increase its total number of attacks,[50] but can also mislead forensic investigators by disguising these attacks as the work of other groups and nations.[1][41] Among the techniques borrowed by UMBRAGE was the file wiping implementation in the Shamoon. According to PC World, some of the techniques and code snippets have been used by CIA in its internal projects, whose end result cannot be inferred from the leaks. PC World noted that the practice of planting "false flags" to deter attribution was not a new development in cyberattacks: Russian, North Korean and Israeli hacker groups are among those suspected of using false flags.[51] 

In reply to by Sky flyer

Captain Chlamydia SMG Tue, 06/27/2017 - 11:42 Permalink

How difficult is it, to alter the "Original CIA Virus" and upload it somewhere in Paris through a VPN? Or in a Internet Café in Zimbabwe? There is no telling where something digital came from now, is there? I mean, computer virusses do not carry passports, do they?In fact, if some state agency proclaims a cyber attack is hosted by this or that nation (usually they blaim Russia), how can they be sure? They CAN NOT. a Thorough hacker can make any computer "expert" think he or she is in the room next door, or in China. At least, that is what "a hacker" told me some months ago.  Me thinks the pointing finger as in who is to blame is prolly the bad guy himself or has a motive to blaim said party....

In reply to by SMG

Chupacabra-322 Sky flyer Tue, 06/27/2017 - 10:33 Permalink

@ Sky,

Yep. #Vault7.

The default culprit to blame on all cyber attacks moving forward should be with the Pure Evil War Criminal Treasonous Seditious Psychopaths at the


The "Spoofing" or Digital Finger Print & Parallel Construction tools that can be used against Governments, Individuals, enemies & adversaries are Chilling.

The CIA can not only hack into anything -- they can download any "evidence" they want onto your phone or computer.  Child pornography, national secrets, you name it.  Then they can blackmail you, threatening prosecution for whatever crap they have planted, then "found" on your computer.    They can also "spoof" the source of such downloads -- for instance, if they want to "prove" that something on your computer (or Donald Trump's computer) came from a "Russian source"  -- they can spoof the IP address of a Russian source.

The take-away:  no digital evidence the CIA or NSA produces on any subject whatsoever can be trusted.  No digital evidence should be acceptable in any case where the government has an interest, because they have the complete ability to fabricate and implant any evidence on any iphone or computer.  And worse:  they have intentionally created these digital vulnerabilities and pushed them onto the whole world via Microsoft and Google.     Government has long been at war with liberty, claiming that we need to give up liberty to be secure.  Now we learn that they have been deliberately sabotaging our security, in order to augment their own power.  Time to shut down the CIA and all the other spy agencies.  They're not keeping us free OR secure, and they're doing it deliberately.  Their main function nowadays seems to be lying us into wars against countries that never attacked us, and had no plans to do so.

In reply to by Sky flyer

montresor (not verified) Tue, 06/27/2017 - 10:26 Permalink

The democratic party hired a couple kids to trash Ukraine's infrastructure and blame it on the Russians..Because most code in the Ukraine is written in Russian, with commented lines in Russian,.. It's no problem to deploy malware in Russian and then blame the Russians..

spastic_colon Tue, 06/27/2017 - 10:28 Permalink

this is the future or present of the world; computer control under the guise of "cyber attacks" to manipulate everything including the ability to sell your securities.......anyone else notice how slow the "system" seems to be today?This is waht happens when global CB's and gov'ts are allowed to wrestle control and ownership of everything you think you own.