A cyberattack similar to WannaCry entered its secondday, hitting businesses, port operators and government systemsaround the world, with companies struggling to retake control oftheir networks.

A.P. Moller-Maersk shut down systems across its operations tocontain the cyberattack against its computer network as it assessesthe full impact. Global snack giant Mondelez International alsoexperienced a widespread IT outage and shut down its email systemas a precaution against further exposure, forcing employees to workvia cellphones, text messages and personal email.

Other companies including France's BNP Paribas, U.K. advertisinggiant WPP and Hamburg-based Beiersdorf, the maker of Nivea andLabello lip balm, were also coping with the fallout.

The cyberattack began in Ukraine Tuesday, infecting computernetworks and demanding $300 in cryptocurrency to unlock theirsystems. As of midday Tuesday in North America, Kaspersky Labanalysts said about 2,000 users had been attacked.

“Our portal is down and we are not able to take on new ordersuntil we get it back up,” Maersk Line chief commercial officerVincent Clerc said by phone, declining to say when systems wouldreturn to normal. “We're being very cautious to ensure that as webring the applications back up, the attack is contained and rolledback. It limits the accessibility we have at the moment.”

A terminal operated by Maersk at the Jawaharlal Nehru PortTrust, a facility near Mumbai, which is India's biggest containerport, was unable to load or unload shipments because of theattack. With the Gateway Terminal India facility unable to identifywhich shipment belongs to whom, the port is clearing cargomanually, Chairman Anil Diggikar said.

“With there being no global kill switch for this one, we'llcontinue to see the numbers rise in different parts of the world asmore vulnerable systems become more exposed,” said Beau Woods,deputy director of the Cyber Statecraft Initiative at the AtlanticCouncil in Washington.

The attacks had a limited impact in Asia. While there were earlysigns the virus was starting to spread in China, no large-scaleoutbreak was detected, according to Zheng Wenbin, chief securityengineer at Qihoo 360 Technology Co.

After the WannaCry outbreak earlier this year, ransomware isbecoming a routine risk for businesses around the world. Whilebanks and retailers have strengthened defenses against certaintypes of attacks, such as those targeting credit card data, manyothers are still catching up in building their defenses.

However, unlike traditional forms of ransomware, which oftenprovide secure forms of payment in order to release control ofnetworks, the new hack has seemingly concentrated on cripplingsystems, rather than obtaining a ransom. The email address postedon users' locked screens, used by victims to receive decryptionkeys, was easily and swiftly shut down by the email provider.

“If it is a ransomware campaign to make money it doesn't addup,” said Raj Samani, chief scientist at McAfee, a cybersecuritycompany owned by Intel Corp. He said there were many elements ofthe attack that made it look like the perpetrators did not actuallycare all that much about receiving payments.

DLA Piper

Kremlin-controlled Rosneft, Russia's largest crude producer,said it avoided “serious consequences” from the “hacker attack” byswitching to a backup system for managing production processes,however some cash registers failed due to the attacks.

U.K. media company WPP's website was knocked offline, andemployees were told to turn off their computers and not use Wi-Fi,according to a person familiar with the matter. Sea Containers, theLondon building that houses WPP and agencies including Ogilvy &Mather, was been shut down Tuesday, another person said, andworkers Wednesday were encouraged to work from home and avoidlogging into the central network.

Law firm DLA Piper took down its systems as a “precautionarymeasure,” meaning clients couldn't contact its team by email orlandline, according to a notice on its website.

The most vulnerable places are “where the operators are a lot ofthe times at the mercy of manufacturers and providers of thosetechnologies and there's a long time between existence of a fix andimplementation of a fix,” Woods said.

Global Attack

Maersk said its customers can't use online booking tools and itsinternal systems are down. Diggikar said 75 Maersk group terminalswere hit by the attack.

APM Terminals at the Port of New York and New Jersey, which isowned by Maersk, closed Tuesday “due to the extent of the systemimpact,” the Port said.

Cie de Saint-Gobain, a French manufacturer, said its systems hadalso been infected, though a spokeswoman declined to elaborate.Merck & Co. , based in Kenilworth, N.J., reported that itscomputer network was compromised due to the hack.

At BNP Paribas, the attack was stopped from spreading outsidethe property development and management unit, a spokeswoman for theFrench banking group said.

WannaCry Warnings

The strikes follow the global ransomware assault in Mayinvolving the WannaCry virus that affected hundreds of thousands ofcomputers in more than 150 countries as extortionists demandedbitcoin from victims. Ransomware attacks have been soaring and thenumber of such incidents increased by 50% in 2016, according toVerizon Communications Inc.

The attack popped up in government systems in Kiev, thendisabled operations at companies including Rosneft and theChernobyl nuclear facility. More than 80 companies in Russia andUkraine were initially affected, Moscow-based cybersecurity companyGroup-IB said Tuesday. The hack quickly spread through Europe andinto the U.S.

Microsoft Corp., cybersecurity analysts, and Ukrainian policesaid the global hack could be traced to a Ukrainian accountingsoftware producer.

Analysts at Symantec Corp., have said the new virus — initiallybranded Petya — uses an exploit called EternalBlue to spread, muchlike WannaCry. EternalBlue works on vulnerabilities in Microsoft'sWindows operating system.

From: Bloomberg News

Copyright 2018 Bloomberg. All rightsreserved. This material may not be published, broadcast, rewritten,or redistributed.