{
	"id": "8faf8bd4-ad10-40a7-b9b9-1902463c0762",
	"created_at": "2026-04-06T02:10:35.199401Z",
	"updated_at": "2026-04-10T03:20:03.402451Z",
	"deleted_at": null,
	"sha1_hash": "a0d85e815bde1c6ff6a72434c7d8556438461cbc",
	"title": "Companies still hobbled from fearsome cyberattack | AP News",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 39266,
	"plain_text": "Companies still hobbled from fearsome cyberattack | AP News\r\nBy Raphael Satter, Frank Bajak\r\nPublished: 2017-06-30 · Archived: 2026-04-06 01:56:48 UTC\r\nHOUSTON (AP) — Many businesses still struggled Friday to recover hopelessly scrambled computer networks,\r\ncollateral damage from a massive cyberattack that targeted Ukraine three days ago.\r\nThe Heritage Valley Health System couldn’t offer lab and diagnostic imaging services at 14 community and\r\nneighborhood offices in western Pennsylvania. DLA Piper, a London-based law firm with offices in 40 countries,\r\nsaid on its website that email systems were down; a receptionist said email hadn’t been restored by the close of\r\nbusiness day.\r\nDave Kennedy, a former Marine cyberwarrior who is now CEO of the security company TrustedSec, said one U.S.\r\ncompany he is helping is rebuilding its entire network of more than 5,000 computers.\r\n“It hit everything, their backups, servers, their workstations, everything,” he said. “Everything was just nuked and\r\nwiped.”\r\nKennedy added, “Some of these companies are actually using pieces of paper to write down credit card numbers.\r\nIt’s crazy.”\r\nThe cyberattack that began Tuesday brought even some Fortune 1000 companies to their knees, experts say.\r\nKennedy said a lot more “isn’t being reported by companies who don’t want to say that they are hit.”\r\nThe malware, which security experts are calling NotPetya, was unleashed through Ukraine tax software, called\r\nMeDoc. Customers’ networks became infected downloading automatic updates from its maker’s website. Many\r\ncustomers are multinationals with offices in the eastern European nation.\r\nThe malware spread so quickly, worming its way automatically through interconnected private networks, as to be\r\nnearly unstoppable. What saved the world from digital mayhem, experts say, was its limited business-to-business\r\nconnectivity with Ukrainian enterprises, the intended target.\r\nHad those direct connections been extensive — on the level of a major industrial nation — “you are talking about\r\na catastrophic failure of all of our systems and environments across the globe. I mean it could have been\r\nabsolutely terrifying,” Kennedy said.\r\nMicrosoft said NotPetya hit companies in at least 64 nations, including Russia, Germany and the United States.\r\nVictims include drug giant Merck \u0026 Co. and the shipping company FedEx’s TNT subsidiary. Trade in FedEx\r\nstock was temporarily halted Wednesday.\r\nOne major victim, Danish shipping giant A.P. Maersk-Moller, said Friday that its cargo terminals and port\r\noperations were “now running close to normal again.” It said operations had been restored in Spain, Morocco,\r\nhttps://apnews.com/article/russia-ukraine-technology-business-europe-hacking-ce7a8aca506742ab8e8873e7f9f229c2\r\nPage 1 of 3\n\nIndia, Brazil, Argentina and Lima, Peru, but problems lingered in Rotterdam, the Netherlands; Elizabeth, New\r\nJersey; and Los Angeles.\r\nAn employee at an international transit company at Lima’s port of Callao told The Associated Press that Maersk\r\nemployees’ telephone system and email had been knocked out by the virus — so they were “stuck using their\r\npersonal cellphones.” The employee spoke on condition of anonymity because he’s not authorized to speak to\r\nreporters.\r\nBack in Ukraine, the pain continued. Officials assured the public that the outbreak was under control, and service\r\nhas been restored to cash machines and at the airport.\r\nBut some bank branches remain closed as information-technology professionals scrambled to rebuild networks\r\nfrom scratch. One government employee told the AP she was still relying on her iPhone because her office’s\r\ncomputers were “collapsed.” She, too, was not authorized to talk to journalists.\r\nSecurity researchers now concur that while NotPetya was wrapped in the guise of extortionate “ransomware” —\r\nwhich encrypts files and demands payment — it was really designed to exact maximum destruction and\r\ndisruption, with Ukraine the clear target.\r\nComputers were disabled there at banks, government agencies, energy companies, supermarkets, railways and\r\ntelecommunications providers.\r\nUkraine’s government said Thursday that the FBI and Britain’s National Crime Agency were assisting in its\r\ninvestigation of the malware.\r\nSuspicion for the attack immediately fell on hackers affiliated with Russia, though there is no evidence tying\r\nVladimir Putin’s government to the attack.\r\nRelations between Russia and Ukraine have been tense since Moscow annexed the Crimean peninsula from\r\nUkraine in 2014. Pro-Russian fighters still battle the government in eastern Ukraine.\r\nU.S. intelligence agencies declined to comment about who might be responsible for the attack. The White House\r\ndid not immediately respond to questions seeking its reaction to the attack.\r\nExperts have blamed pro-Russian hackers for major cyberattacks on the Ukrainian power grid in 2015 and 2016,\r\nassaults that have turned the eastern European nation into the world’s leading cyberwarfare testing ground.\r\nA disruptive attack on the nation’s voting system ahead of 2014 national elections is also attributed to Russia.\r\nRobert M. Lee, CEO of Dragos Inc. and an expert on cyberattacks on infrastructure including Ukraine’s power\r\ngrid, said the rules of cyberespionage appear to be changing, with sophisticated actors — state-sponsored or not\r\n— violating what had been established norms of avoiding collateral damage.\r\nBesides NotPetya, he pointed to the May ransomware dubbed “WannaCry,” a major cyberassault that some\r\nexperts have blamed on North Korea.\r\nhttps://apnews.com/article/russia-ukraine-technology-business-europe-hacking-ce7a8aca506742ab8e8873e7f9f229c2\r\nPage 2 of 3\n\n“I think it’s absolutely reprehensive if we do not have national-level leaders come out and make very clear\r\nstatements,” he said, “that this is not activity that can be condoned.”\r\n___\r\nSatter reported from Paris. Associated Press writers Franklin Briceno in Lima, Peru, and Deb Riechmann in\r\nWashington contributed to this report.\r\nSource: https://apnews.com/article/russia-ukraine-technology-business-europe-hacking-ce7a8aca506742ab8e8873e7f9f229c2\r\nhttps://apnews.com/article/russia-ukraine-technology-business-europe-hacking-ce7a8aca506742ab8e8873e7f9f229c2\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://apnews.com/article/russia-ukraine-technology-business-europe-hacking-ce7a8aca506742ab8e8873e7f9f229c2"
	],
	"report_names": [
		"russia-ukraine-technology-business-europe-hacking-ce7a8aca506742ab8e8873e7f9f229c2"
	],
	"threat_actors": [],
	"ts_created_at": 1775441435,
	"ts_updated_at": 1775791203,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/a0d85e815bde1c6ff6a72434c7d8556438461cbc.pdf",
		"text": "https://archive.orkl.eu/a0d85e815bde1c6ff6a72434c7d8556438461cbc.txt",
		"img": "https://archive.orkl.eu/a0d85e815bde1c6ff6a72434c7d8556438461cbc.jpg"
	}
}