Cadbury, Ports, DLA Piper deal with Petya malware fallout

Cadbury NZ and DLA Piper's local office have confirmed they were affected by the Petya malware which was locking computer data.

Global shipping giant Maersk was one of the first major companies to be hit with the malware, and have taken their communications offline to manage risk. Ports of Auckland spokesman Matt Ball said this is a problem for the port as it won't be able to receive information on containers and plan accordingly.

"The system we have is so attuned that if they can't [send information] it slows down the whole port," Ball said.

The first affected Maersk vessel arrives on Friday, and a second will arrive on Sunday after stopping at Port of Tauranga.

Other New Zealand companies are also dealing with the fallout of the latest major malware.

In a statement Mondelez, Cadbury's owner, said "this outage had impacted some of [our] systems, but has not affected production in Dunedin."

"At this time, we do not know when our systems will be restored but we appreciate everyone's patience, understand and partnership during this process," the company said.

DLA Piper's New Zealand firm cannot receive external emails while its IT is shut down, but is still able to send emails.

"While we are operationally integrated with DLA Piper global, our IT systems, with the exception of our email system, are essentially separate," the spokesman said.

A local cyber security specialist said 'Petya' malware is neither an attack nor ransomware.

Tom Moore from Wellington-based Aura Information Security said unlike Wannacry, Petya will not yield any financial gains for the originators.

"The email address they set up to notify payment isn't working," Moore said.

Moore also stressed it was not, strictly speaking, an attack, saying it was not targetted but rather "scatter gunned" out.

"It appears the goal of Petya was to cause major disruption," he said.

Moore said these incidents will occur more and more frequently now that hackers have discovered a way to replicate the malware. In the past, cryptolocking - where files are locked and a ransom demanded - was aimed at individual companies or persons. Now, the malware can spread through neighbouring IP addresses reaching huge numbers of people.

It was difficult to say how many people in New Zealand were affected by Petya, Moore said.

Reporting of data breaches is currently not mandatory in New Zealand, meaning it was important for businesses to share and alert the right people.

"This is why sharing and reporting is important - not sharing with others means people can't tool themselves in preparation, so we need to help each other by notifying the right people," Moore said.

More than 80 companies in Russia and Ukraine were initially affected by the Petya virus that disabled computers and told users to pay US$300 ($412) in cryptocurrency to unlock them, according to the Moscow-based cybersecurity company Group-IB.

Telecommunications operators and retailers were also affected and the virus is spreading in a similar way to the WannaCry attack in May, it said.

Rob Wainwright, executive director at Europol, said the agency was "urgently responding" to reports of the new cyber attack. In a separate statement, Europol said it was in talks with "member states and key industry partners to establish the full nature of this attack at this time".

How to protect yourself:

• Consider where you store information - think about backing up critical documents.

• Keep software up-to-date. Don't ignore those pesky messages, patching is essential.

• Run an anti-virus on your computer.

• Put up a firewall.

• Don't open email attachments from a source you don't know.

Tom Moore says personal users should think about spilling tea on their computer; what would you lose from the device and how would it affect you? Consider keeping important documents on a USB or external hard drive.