New Cyberattack Goes Global, Hits WPP, Rosneft, Maersk

Virus attacks worst in Russia, Ukraine; spreads to U.S. Petya virus is similar to WannaCry; demands $300 ransom

Kellermann Calls Petya Virus 'Full-Fledged Forest Fire' Massive Cyberattack Hits More Than 200,000 Companies A new cyberattack similar to WannaCry is spreading from Europe to the U.S. and South America, hitting port operators in New York, Rotterdam and Argentina, disrupting government systems in Kiev, and disabling operations at companies including Rosneft PJSC, advertiser WPP Plc. and the Chernobyl nuclear facility.

More than 80 companies in Russia and Ukraine were initially affected by the Petya virus that disabled computers Tuesday and told users to pay $300 in cryptocurrency to unlock them, Moscow-based cybersecurity company Group-IB said. About 2,000 users have been attacked so far, according to Kaspersky Lab analysts, with organizations in Russia and the Ukraine the most affected.

Last month's 'WannaCry' was a test run with a kill-switch built in. The one going down now is a full-fledged attack not about money but about projecting global power.

But is this cyber attack a smokescreen or decoy for something else? Something our instincts would say is a conspiracy theory but which has CrowdStrike written all over it?

Independent investigators say this has Deep State involvement (yeah, what I said) launched by the likes of CrowdStike disseminating to criminal syndicates worldwide and launched now to pose a distraction caused by recent investigations of loopholes in 'diplomatic pouches' which are now full-size shipping containers run through ports and also a deflection of recent reports about an investigation of an important Deep State player.

Investigators speculate the UN Security Council may meet on this soon.

Seemingly far-fetched and unrelated is the investigation of Andrew McCabe by the Office of Special Counsel. McCabe is as dirty as they come and is a key player in Deep State resistance. McCabe is the one that pushed to acquire and approve paying the obscene price for the Russian urinating prostitutes' dossier of Trump. McCabe was brought in and inserted in January 2016 to sit on, stonewall, and delay the probe into the Hillary emails, and who is connected to Crowdstrike along with Comey in accepting the Crowdstrike report on the DNC leaks without having the FBI bother to investigate.

McCabe has also put out a $3 million dollar reward for the arrest of Guccifer 2.0 in Central Europe. But it's really a casting call for an actor to step up and audition for the part in return for immunity. Apparently, it's not going well as errors in Word file metadata from Guccifer 2.0 downloads point to a 'Warren Flood' as behind the creation of Guccifer 2.0 which also is in close proximity to when Crowdstrike was at DNC running their scam. These things are not unrelated.

There are a lot of dots connecting but the picture is of McCabe in an intel war room with large screens accessing the monitoring of every target of interest via NSA, NGA, JTTF, and including the capability to monitor the launch of cyber attacks worldwide.

The Deep State war against Trump is real and is slated to pick up after Congress's Summer Recess ends as the Russian Prostitute Dossier persons and Reality Winner are scheduled for hearings leading to Trump's obstruction of justice with Crowdstrike as a star witness. The war against Trump has been delayed as Deep State tightens their coming scripted acts.

This Cyberattack will likely be blamed on the Russians but Alperovitch at Crowdstrike is suspected of being behind it.

The group that is leading the Deep State is a group, a cabal, that are running to save their necks, and their only means of doing that is to take out Trump because the evidence is in the hands of people that can take them down. So they must counterattack and distract by any means to stay alive. This organized cyber attack begs the question of what is the motive of the attack if not money? A distraction of key Deep State player investigations, a cover-up of contraband in shipping freight are shifted out of focus by international tensions caused by an unexplained cyber attack take over the news cycle while behind the scenes actions are carried out without consequence. Project Veritas loses viewers, CNN is freed from its current Russia fixation image that viewers have formed. This is a pattern that is repeated whenever investigators obtain evidence and get closer to exposing those culpable.

Rest of report follows in first post below. Stay tuned.

Rob Wainwright, executive director at Europol, said the agency is “urgently responding” to reports of the new cyber attack. In a separate statement, Europol said it’s in talks with “member states and key industry partners to establish the full nature of this attack at this time.”

Kremlin-controlled Rosneft, Russia’s largest crude producer, said in a statement that it avoided “serious consequences” from the “hacker attack” by switching to “a backup system for managing production processes.”

U.K. media company WPP’s website is down, and employees have been told to turn off their computers and not use WiFi, according to a person familiar with the matter. Sea Containers, the London building that houses WPP and agencies including Ogilvy & Mather, has been shut down, another person said. “IT systems in several WPP companies have been affected,” the company said in emailed statement.

“With there being no global kill switch for this one, we’ll continue to see the numbers rise in different parts of the world as more vulnerable systems become more exposed,” said Beau Woods, deputy director of the Cyber Statecraft Initiative at the Atlantic Council in Washington. Most vulnerable are places “where the operators are a lot of the times at the mercy of manufacturers and providers of those technologies and there’s a long time between existence of a fix and implementation of a fix.”

Global Attack

The hack quickly spread from Russia and the Ukraine, through Europe and into the U.S. A.P. Moller-Maersk, operator of the world’s largest container line, said its customers can’t use online booking tools and its internal systems are down. The attack is affecting multiple sites and units, which include a major port operator and an oil and gas producer, spokeswoman Concepcion Boo Arias said by phone.

APM Terminals, owned by Maersk, is experiencing system issues at multiple terminals, including the Port of New York and New Jersey, the largest port on the U.S. East Coast, and Rotterdam in The Netherlands, Europe’s largest harbor. APM Terminals at the Port of New York and New Jersey will be closed for the rest of the day “due to the extent of the system impact,” the Port said.

Cie de Saint-Gobain, a French manufacturer, said its systems had also been infected, though a spokeswoman declined to elaborate, and the French national railway system, the SNCF, was also affected, according to Le Parisien. Mondelez International Inc. said it was also experiencing a global IT outage and was looking into the cause. Merck & Co. Inc., based in Kenilworth, New Jersey, reported that its computer network was compromised due to the hack.

Port operators at grain terminals in Rosario, Argentina also reported the attack affected operations, including halting some deliveries, beginning Tuesday morning, according to Guillermo Wade, manager of the Rosario port and maritime chamber.

WannaCry Warnings

The strikes follow the global ransomware assault involving the WannaCry virus that affected hundreds of thousands of computers in more than 150 countries as extortionists demanded $300 in bitcoin from victims. Ransomware attacks have been soaring and the number of such incidents increased by 50 percent in 2016, according to Verizon Communications Inc.

Analysts at Symantec Corp., have said the new virus, called Petya, uses an exploit called EternalBlue to spread, much like WannaCry. EternalBlue works on vulnerabilities in Microsoft Corp.’s Windows operating system.

The new virus has a fake Microsoft digital signature appended to it and the attack is spreading to many countries, Costin Raiu, director of the global research and analysis team at Moscow-based Kaspersky Lab, said on Twitter.

The attack has hit Ukraine particularly hard. The intrusion is “the biggest in Ukraine’s history,” Anton Gerashchenko, an aide to the Interior Ministry, wrote on Facebook. The goal was “the destabilization of the economic situation and in the civic consciousness of Ukraine,” though it was “disguised as an extortion attempt,” he said.

Kyivenergo, a Ukrainian utility, switched off all computers after the hack, while another power company, Ukrenergo, was also affected, though “not seriously,” the Interfax news service reported.

Ukrainian delivery network Nova Poshta halted service to clients after its network was infected, the company said on Facebook. Ukraine’s Central Bank warned on its website that several banks had been targeted by hackers.

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.