New computer virus spreads from Ukraine to disrupt world business

(REUTERS)  A computer virus wreaked havoc on firms around the globe on Wednesday as it spread to more than 60 countries, disrupting ports from Mumbai to Los Angeles and halting work at a chocolate factory in Australia.

Risk-modeling firm Cyence said economic losses from this week's attack and one last month from a virus dubbed WannaCry would likely total $8 billion. That estimate highlights the steep tolls businesses around the globe face from growth in cyber attacks that knock critical computer networks offline.

"When systems are down and can't generate revenue, that really gets the attention of executives and board members," said George Kurtz, chief executive of security software maker CrowdStrike. "This has heightened awareness of the need for resiliency and better security in networks."

Customers queue in 'Rost' supermarket in Kharkiv, Ukraine June 27, 2017 in this picture obtained from social media. MIKHAIL GOLUB via REUTERS

The virus, which researchers are calling GoldenEye or Petya, began its spread on Tuesday in Ukraine. It infected machines of visitors to a local news site and computers downloading tainted updates of a popular tax accounting package, according to national police and cyber experts.

It shut down a cargo booking system at Danish shipping giant A.P. Moller-Maersk (MAERSKb.CO), causing congestion at some of the 76 ports around the world run by its APM Terminals subsidiary..

Maersk said late on Wednesday that the system was back online: "Booking confirmation will take a little longer than usual but we are delighted to carry your cargo," it said via Twitter.

U.S. delivery firm FedEx said its TNT Express division had been significantly affected by the virus, which also wormed its way into South America, affecting ports in Argentina operated by China's Cofco.

The malicious code encrypted data on machines and demanded victims $300 ransoms for recovery, similar to the extortion tactic used in the global WannaCry ransomware attack in May.

Security experts said they believed that the goal was to disrupt computer systems across Ukraine, not extortion, saying the attack used powerful wiping software that made it impossible to recover lost data.

"It was a wiper disguised as ransomware. They had no intention of obtaining money from the attack," said Tom Kellermann, chief executive of Strategic Cyber Ventures.