A cyber attack dubbed “Petya” took root in Ukraine on Tuesday and is spreading across the world in what appears to be a repeat of the recent WannaCry malware attack — but “without the kill switch that saved us last time,” New York City-based cyber security firm Carbon Dynamics told CMSWire.

Ukrainian Prime Minister Volodymyr Groysman called the scale of the attack “unprecedented,” while Britain’s National Cyber Security Center (NCSC) announced they are “monitoring the situation closely.”

Images and videos surfacing online show the ransomware in action as it takes files and devices hostage. Infected devices display flashes of red and white skull several times before showing a message that demands a payment of 300 Bitcoins in exchange for the user’s data.

WannaCry 2.0?

Many security experts, including analysts from cyber security company Symantec, have confirmed that Petya bears similarities to the WannaCry malware attack that ravaged many hospitals and health organizations, including Britain’s National Health Service (NHS) in May.

IT expert Marcus Hutchins halted WannaCry by uncovering the kill switch — but experts aren’t optimistic of a similar conclusion with Petya.

It appears the warnings from the cyber security community about the threat of a much more severe repeat attack were not heard loudly enough, with major firms neglecting to update and shore up their security measures in light of this renewed cyber aggression.

The Long Reach of Petya

News of more Petya infections is regularly trickling in via Twitter, although some of Europe’s largest companies have already fallen victim.

Learning Opportunities

A number of Ukrainian banks, postal services, supermarkets and government buildings have been hit, while Chernobyl’s radiation monitoring system was also affected, forcing teams on the ground to measure radiation levels manually.

Danish shipping giant Maersk and US-based pharmaceutical company Merck have also been exposed to Petya. The following Tweets tell their own story.

Aside from the few mentioned above, at least six more major organizations have also been struck by Petya, including:

  • Rosneft: Russian oil company
  • WPP: The world’s largest advertising company based in the UK.
  • Saint Gobain: French construction company.
  • Deutsche Post: German postal and logistics company.
  • Mondelez International
  • Evraz: Russian steel company.

This is an ongoing news story and will be updated as further news becomes available.