Cadbury Ireland is among a growing number of Irish-based companies reported to have been hit by the latest global cyber attack,
Cadbury owner Mondelez International confirmed it had experienced a “global IT outage” on its network and were working to restore their systems.
Other international corporations with offices here, including US pharmaceutical company MSD, global container shipping company Maersk Line, and UK advertising agency WPP, have also said their systems were affected by the attack.
In a statement yesterday, Europol said that critical infrastructure and business systems had been hit by this “new wave of ransomware”, which it said was an updated version of Petya, which emerged in 2016.
“The attack has caused infections worldwide and has not yet been stopped,” said the EU police agency.
Its executive director Rob Wainwright said: “This is another serious ransomware attack with global impact, although the number of victims is not yet known. There are clear similarities with the WannaCry attack, but also indications of a more sophisticated attack capability, intended to exploit a range of vulnerabilities.”
In a statement, Mondelez International said it was working to address the “current global IT outage across Mondelez International”.
It said teams were working offline to “maintain business continuity” but was unable to say when its system would be restored.
Government officials reported major disruption to the power grid, banks and government offices in Ukraine, where news of the attack first emerged on Tuesday.
The latest virus comes weeks after ransomware, the name given to programmes that hold data hostage by scrambling it until a payment is made, downed systems across the globe, including the NHS in the UK.
More than 200,000 victims in around 150 countries were infected by the WannaCry or Wanna Decryptor ransomware, which originated in the UK and Spain last month, before spreading globally.
WPP, the world’s biggest advertising business, which runs PR and marketing divisions in Dublin, confirmed it had been hit, while DLA Piper has taken its email system down as a preventive measure.
Russia’s Rosneft energy company also reported being hit, as did shipping company Moller-Maersk, which said every branch of its business was affected.
Ukrainian deputy prime minister Pavlo Rozenko posted a picture of a darkened computer screen on Twitter, saying the computer system at the government’s headquarters had been shut down.
In reference to the attack, the State Agency of Ukraine on Exclusion Zone Management said Chernobyl’s radiation monitoring system has been switched to manual and is operating normally.
An email address posted at the bottom of ransom demands was blocked by Berlin-based host Posteo, which said it had contacted German authorities after realising the account was associated with the malware.
The ransomware is known as GoldenEye, according to Bogdan Botezatu, an e-threat analyst at Bitdefender. Victims of the malware are asked to pay a ($300) €265 ransom after their hard drive is encrypted, crashing their computer. Mr Botezatu said that the malware operators received 27 payments totalling almost €6,150 in digital currency in around five hours.
Europol advised businesses affected not to pay any ransom, to report the matter to police and to disconnect the infected device from the internet.
This story first appeared in theIrish Examiner