Rosneft reported a powerful hacker attack on their servers. How a gas station Rosneft from you fool will make a hacker attack at refueling TNK
The fact that the gas stations of many countries of the world now have a network connection and will inevitably become the objects of hacker attacks. Worse, even in 2015, detect such systems could be at the cost of minimal effort, using SHODAN and other similar resources.
It seems that expert predictions that such attacks will become commonplace in the future, begin to be implemented. At the end of last week, the American TV channel WJBK spoke about a strange incident at refueling in Detroit.
The incident occurred in the afternoon of June 23, 2018. From under the control of an employee of the gas station, a pump came out, which for more than one and a half hours distributed free fuel to everyone, since the system did not react to any commands. We managed to take advantage of more than ten car owners who managed a total of 1800 US dollars in a strange failure. After the employee, the refueling still stopped the supply of fuel using the "Emergency Set", and then caused the police.
Law enforcement agencies believe that the refueling systems were intended compromised with a certain remote device. It is assumed that the device cut off from the control of the fuel pump of refueling employees and activated the free supply of gasoline. Currently, the police checks cars and drivers who have fallen into the lenses of video surveillance cameras during the incident.
Apparently, law enforcement officers believe that hacking was carried out for free gasoline. This theory may not be not far from the truth - WJBK journalists celebrate in their reports that even on YouTube you can find many detailed instructions According to the deception of modern gas stations and receiving free or very cheap gasoline.
The British edition, as well as a small note that happened, reports that, according to IB specialists, the cause of what happened could be a simple technical failure. However, in addition to this, the publication leads and the commentary of the reader, which has been engaged in more than 10 years technical support Petrol stations. He claims that the attackers could switch the pumps into debug mode during which the gas station equipment really ceases to report on the supply of fuel to cash terminals and actually works autonomously.
The specialist writes that he himself has a device capable of implementing the same trick in most British gas stations. According to him, the manufacturers began to protect their equipment from such unauthorized connections relatively recently, since this industry is not too large, and passwords and specialized equipment get "not in those hands" rather rarely.
Rosneft servers have undergone a "powerful hacker attack," the company reported. With a request to investigate it, she appealed to law enforcement agencies.
Rosneft stated that her servers were subjected to a "powerful hacker attack." This company wrote in his Twitter.
On the fact of Kiberataki, the company appealed to law enforcement agencies.
Rosneft spokesman Mikhail Leontyev informed RBC that most of the company servers have reliable protectionAnd assured that the company understands the consequences of a hacker attack on its system. He did not comment on its consequences for the work of Rosneft gas stations.
Rosneft computers struck the virus similar in its action on Wannacry, told RBC a source in law enforcement agencies. He added that networks under control of Rosneft "Bashneft" were the same attack.
The press service of GROUP-IB, which is engaged in investigating cybercrime, RBC reported that a hacker attack on a number of companies using the Petya encryption virus "very similar" with an attack that occurred in mid-May with the help of a Wannacry malicious program. Petya blocks computers and requires $ 300 in Bitcoins.
"Attack occurred around 14.00. Judging by the photos, this is a PETYA cryptolocker. Distribution method B. local network Similar to Wannacry virus, "follows from the press service of the GROUP-IB.
Sources of "Vedomosti" add that all computers in the UPZ "Bashneft", "Bashneft-mining" and the management of "Bashneft" "have been uniformly rebooted, after which the unspecified software And the Wannacry virus screensaver was displayed. The publication notes that a message appears on the screen with a proposal to translate $ 300 in Bitcoins at the specified address, after which users will be sent to E-mail to unlock computers. It is also emphasized that the virus encrypted all data on custom computers.
The RBC source in Rosneft confirmed the information that a message with a virus appeared on the screens of computers of the company's computers. In "Bashneft", this screen is displayed only on parts of computers. In "Bashneft" also asked all computers all.
According to the press secretary of the company, Rosneft and its subsidiaries work in normal mode after the attack, transfers TASS.
At the same time, an employee of one of the "daughters" Rosneft, which is engaged in the shelf projects, says that computers did not turn off, the screens with red text appeared, but not all employees. Nevertheless, in the company Collapse, the work is stopped. The interlocutors also note that in the office of "Bashneft" in Ufa completely turned off all electricity.
The press service of GROUP-IB, which is engaged in investigating cybercrime, RBC reported that a hacker attack on a number of companies using the Petya encryption virus "very similar" with an attack that occurred in mid-May with the help of a Wannacry malicious program. Petya blocks computers and requires $ 300 in Bitcoins.
"Attack occurred around 14.00. Judging by the photos, this is a PETYA cryptolocker. The dissemination method in the local network is similar to Wannacry virus, - follows from the press service of the GROUP-IB.
At the same time, an employee of one of the "daughters" Rosneft, which is engaged in the shelf projects, says that computers did not turn off, the screens with red text appeared, but not all employees. Nevertheless, in the company Collapse, the work is stopped. The interlocutors also note that in the office of "Bashneft" in Ufa completely turned off all electricity.
At the time of 15:40 Moscow time, Rosneft and Bashneft official sites are not available. The fact of the absence of a response can be confirmed on the server status check resources. The site of the largest "daughter" Rosneft "Yuganskneftegaz" also does not work.
Later, the company wrote in his Twitter that hacker attack could lead to "serious consequences." Despite this, production processes, mining, the preparation of oil was not stopped thanks to the transition to backup System Management, explained in the company.
Currently, the Arbitration Court of Bashkiria ended the meeting, which was considered by Rosneft and the "Bashneft" to the Sistema and System and Invest System on the recovery of 170.6 billion rubles, which, as the oil company claims, " Bashneft "suffered in the form of losses as a result of reorganization in 2014.
The representative of AFK "Sistema" asked the court to postpone the next meeting for a month so that the parties would have time to familiarize themselves with all the petitions. The judge appointed the next meeting in two weeks - on July 12, noting that AFC had many representatives and they would cope for this period.
How do you make a fool for your money.
Placing every day at Rosneft gas stations do not realize at what edge of the abyss go hoping for the best. And so, on a normal day that did not foretelling anything is not usual, I was driving my Moscow MKAD. The gas tank sensor lit a light bulb, and it was decided to shut down to refuel Rosneft located between the Nastykhinsky and Ryazan highway 5 km. MKAD. There were not many cars, so there was no special queue. After waiting in the queue of five minutes, I approach the gas station column, leaving the car to hear a polite duty issue of the teller "- Head, which ?? And how much ?? " By giving the answer, I calmly go to the room to the boxes. After waiting four minutes, I hear the speaker number from the cashier, I pay, I get a check and calmly go back to the car, right, I show the check of the teller, filling the other machine from the back of the speaker, I get the apparent nod and the wishes of a pleasant way, I get into the car, I'll buy I'm going to go and ... now the dear reader will ask and what is all this ??But now it starts the most interesting, touching, I hear the incomprehensible sound from behind and looking into the side mirror, I understand that it's time to become a blonde, I see a torn hose and sticking out a gun, in bewilderment I go out of the car, I try to understand what happened, the tanker comes , not much in a nervous condition, convulsively examine the car for damage, it was good that did not turn out, if the behavior of the tanker turned out to be very polite, correct and adequate, he apologized, he said that I was not in this guilt, and if there is no claims from the driver, then I can go further. After storing a little, coming to myself, I sit in the car, at this moment Senior shift with the requirements to give him my documents for registration of the act of breakdowns of the equipment, to the question of my bewilderment, did the next "-Poscolk, I am completely dealt and trying to hide", coming out of The cars inspected again for the presence of damage, he told him that I don't have any complaints and I do not understand what they want from me, I hear the replica: "Well, how, you broke the equipment to us, you are to blame for this!", I have not much to understand. Saying the situation, I say like a refill had to pull the gun, to which I get: "- this is not the case, you were to blame because I did not make sure of the safety of maneuver," on my question that now to do with all this, I get the answer: "- We will call the traffic police And to draw up a protocol as it is considered an accident and you are to blame! ", drove away, parked to not interfere with other cars and began to wait for the traffic police officers. I wrote a review in to the book "Complaints and Proposals". Employees arrived in 5 hours. They gave a certificate that I am not guilty and in the initiation of an administrative case to refuse. You know, I can not accurately understand, I am guilty or not, I don't have any complaints about the teller, because he showed himself from a good side, but the "chiefs" of gas stations led me to a stupor than and prompted to write this post. What do you think is to blame for this situation ??
The geography of attacks of a new encryptionist virus, blocking computers and requiring redemption, continues to expand. Infected networks in Europe, Asia, America. The global transport and energy giants turned out to be insured. Experts in the meantime are guessing who and why launched a malicious protocol. At once, several cybersecurity specialists said that the virus was divided into the world with the update of the usual accounting program created by Ukrainian programmers. This partly explains why in Ukraine an epidemic-epidemic has taken such threatening scale.
We arrived. Drivers B. Kostroma region. Many of them on the last liters of gasoline crawled to the nearest refueling. And they met the went out of the scoreboard and confused employees. Technical failure - the consequences of a viral attack. The next world cybersciphese hit Russian oil companies. Somewhere refueling has already been opened, but only cash is accepted, somewhere the system has not yet been repaired.
"Yes, I wanted to refue. On TNK in Ryazan yesterday refuel, it was normal, others are also open. And the TNK-Oska refueling in the Vladimir region is also closed, "says Oleg Kudrov driver.
The main victims of a malicious program called Petya Energy Giants, Banks, Airports, Gosstruarts, Danish Maersk Company, known for port and shipping business. On the main page Short text: Our electronic system wrapped. We apologize and try to fix everything as soon as possible.
"We cannot notify our employees on terminals, what containers they need to ship on the ships; Can't get new applications from customers. We do not have access to information, as all applications are deleted. How much time will take data recovery - incomprehensible, "said the representative of the company AP MOLLER-MAERSK Vincent Clerk.
This is the fourth assault of world cyberbastions. And again, protection punched as if playing. Almost all of Europe, America, Argentina, Israel, Australia, China suffered. As the media reported, hackers received access to data of one of the US nuclear power plants. In the Indian International Airport, Mumbai failed a cargo traffic management system - everyone had to do manually.
Most of all went to Ukraine, where everything began. In the air harbors, Kiev and Kharkov registered passengers, too manually. And these are the staff of the Ukrainian News TV channel 24. While leading in live air told about the virus, the journalists were observed behind the scenes as malicious program Infects one computer after another. At this time, the Kiev authorities traditionally found an extreme, accusing Russia. They stated that they took the situation under control and are ready to provide assistance.
"Yes, what help? Listen, they can not help themselves. Sorry, please, please, the entire Cabinet of Ministers cut down. They are not able to help themselves. What is your help?! We will cope with this problem, "the chief editor of the Ukrainian television channel" 24 "Vitaly Kovach commented on the situation.
Meanwhile, analysts found out: the Petya virus is outdated. The mutant program has grown on it. The extortion of the new wave struck two thousand computers worldwide. In Kaspersky Lab, the virus called EXPETR. Only the roots of the entire family of the Software codes developed by the USA Academy of Sciences. They were used in the predecessor Wannacry, which in May struck more than 200 thousand computers in dozens of countries.
"The virus is called EXPETR. This malicious is much more dangerous because they encrypt the files that are important for corporate users and for large companies: power plants, plants, and so on, "the head of the Russian research center" Lab Kaspersky "Yury Vicarov said.
However, the requirements for all intruders are one - redemption. This time 300 dollars in bitcoins, virtual currency. While analysts understand the true motives of the massive attacks.
In May, the Wannacry encrypter infected more than 200 thousand computers, but hackers got less than three thousand dollars. Now, judging by electronic walletAll the planet paid only nine users. So the language will not turn it to call it with extortionable viruses. Rather - programs that prosecute the weak points of large companies throughout the planet.