Hack hits Chernobyl monitoring system

Article by Adam Duckett

RADIATION monitoring systems at the Chernobyl nuclear plant have been put out of action by a ransomware attack that has hit companies around the world.

The Ukraine government agency that manages the exclusion zone around the melted-down plant said that workers are manually monitoring radiation after a cyberattack knocked out the operation’s Windows-based systems. All plant process systems are operating normally, it said.

Hackers demand US$300 to free locked files

The attack, which originated in Ukraine yesterday, has since spread to Russia, Europe and Australia affecting firms including Rosneft, Merck, and Mondelez.

Victims of the ransomware attack have been told they must pay US$300 in Bitcoin to recover their encrypted files.

The Maersk Group said IT systems are down across its business units including its oil and drilling activities, though they are “not operationally affected”. It said its shipping vessels are manoeuvrable and its crews are safe, however work at its shipping terminals has been impacted.

Local news in Australia reported that computers at a Cadbury factory in Hobart owned by Mondelez were displaying messages demanding payments to release files.

The attack exploits a Windows flaw that Microsoft had released a patch for following the WannaCry ransomware attack that spread around the world in May.

"Our initial analysis found that the ransomware uses multiple techniques to spread, including one which was addressed by a security update previously provided for all platforms from Windows XP to Windows 10 (MS17-010)," a Microsoft spokesperson told AFP.

Researchers warned in February that industry operations are vulnerable to ransomware attacks after it simulated an attack on a water treatment plant that took over programmable logic controllers (PLCs) to shut valves, increase the amount of chlorine added to water, and display false readings.

There is no clear indication of who is behind the latest attack, and there are conflicting statements from IT security firms over whether the attack is a new form of ransomware or an iteration of an existing attack, dubbed Petya.

Article by Adam Duckett

Editor, The Chemical Engineer

Recent Editions

Catch up on the latest news, views and jobs from The Chemical Engineer. Below are the four latest issues. View a wider selection of the archive from within the Magazine section of this site.