A new and highly virulent outbreak of data-scrambling software — apparently sown in Ukraine — caused disruption across the world Tuesday. Following a similar attack in May , the fresh cyber-assault paralysed some hospitals, government offices and major multinational corporations in a dramatic demonstration of how easily malicious programs can bring daily life to a halt.
Ukraine and Russia appeared hardest hit by the new strain of ransomware — malicious software that locks up computer files with all-but-unbreakable encryption and then demands a ransom for its release. In the United States, the malware affected companies such as the drugmaker Merck and Mondelez International, the owner of food brands such as Oreo and Nabisco.
Its pace appeared to slow as the day wore on, in part because the malware appeared to require direct contact between computer networks, a factor that may have limited its spread in regions with fewer connections to Ukraine.
The malware’s origins remain unclear. Researchers picking the program apart found evidence its creators had borrowed from leaked National Security Agency code, raising the possibility that the digital havoc had spread using U.S. taxpayer-funded tools.
“The virus is spreading all over Europe and I’m afraid it can harm the whole world,” said Victor Zhora, the chief executive of Infosafe IT in Kiev, where reports of the malicious software first emerged early afternoon local time Tuesday.
In Ukraine, victims included top-level government offices, where officials posted photos of darkened computer screens, as well as energy companies, banks, cash machines, gas stations, and supermarkets. Ukrainian Railways and the communications company Ukrtelecom were among major enterprises hit, Infrastructure Minister Volodymyr Omelyan said in a Facebook post .
The virus hit the radiation-monitoring at Ukraine’s shuttered Chernobyl power plant, site of the world’s worst nuclear accident, forcing it into manual operation.
Multinational companies, including the global law firm DLA Piper and Danish shipping giant A.P. Moller-Maersk were also affected, although the firms didn’t specify the extent of the damage.
Ukraine bore the brunt with more than 60 percent of the attacks, followed by Russia with more than 30 percent, according to initial findings by researchers at the cybersecurity firm Kaspersky Lab. It listed Poland, Italy and Germany, in that order, as the next-worst affected.
In the U.S, two hospitals in western Pennsylvania were hit; patients reported on social media that some surgeries had to be rescheduled. A spokeswoman for Heritage Valley Health System would say only that operational changes had to be made. A Wellsville, Ohio, woman at one of its hospitals to have her gallbladder removed said she noticed computer monitors off and nurses scurrying around with stacks of paperwork.
Security experts said Tuesday’s global cyberattack shares something in common with last month’s outbreak of ransomware, dubbed WannaCry . Both spread using digital lock picks originally created by the NSA and later published to the web by a still-mysterious group known as the Shadowbrokers.