Russian oil giant Rosneft and Danish shipping conglomerate AP Moller Maersk is recovering from a huge online cyber attack.
The attack, known as Petya, hit sites worldwide on Tuesday causing several of the world’s largest firms to experience technical difficulties.
State owned Rosneft was among those affected, with the company website shutting down.
In a string of Tweets this morning the firm said it had the situation “under control” and that oil production had not been affected by the disruption.
AP Moller Maersk also released a statement, stating that IT systems acoss “multiple” sites and “select” business units were down.
The statement said: “We have contained the issue and are working on a technical recovery plan with key IT partners and global cyber security agencies.
“We have shut down a number of systems to help contain the issues. At this point our entities Maersk Oil, Maersk Drilling Maersk Supply Services, Maersk Tankers, Maersk Training Svitzer and MCI are not operationally affected. Precautionary measures have been taken to ensure continued operations.”
Maersk said all vessels are maneuverable and able to communicate and that crews were safe.
Big business including advertising giant WPP and law firm DLA Piper were also affected by Tuesday’s attack, while government offices in eastern Europe were hit as well..
A hospital in the US and pharmaceutical company Merck also fell victim, and Cadbury owner Mondelez International said it had experienced a “global IT outage” which it was working to resolve.
Government officials reported major disruption to the power grid, banks and government offices in Ukraine, where news of the attack first emerged on Tuesday.
The latest virus comes just weeks after ransomware – the name given to programmes that hold data hostage by scrambling it until a payment is made – downed systems across the globe, including the NHS in the UK.
More than 200,000 victims in around 150 countries were infected by the WannaCry or Wanna Decryptor ransomware, which originated in the UK and Spain last month, before spreading globally.
The National Cyber Security Centre, part of intelligence agency GCHQ, said it was monitoring the current “global ransomware incident”.
WPP, the world’s biggest advertising business, confirmed it had been hit, while DLA Piper has taken its email system down as a preventative measure.
Ukrainian deputy prime minister Pavlo Rozenko posted a picture of a darkened computer screen on Twitter, saying the computer system at the government’s headquarters had been shut down.
In reference to the attack, the State Agency of Ukraine on Exclusion Zone Management said Chernobyl’s radiation monitoring system has been switched to manual and is operating normally.
An email address posted at the bottom of ransom demands was blocked by Berlin-based host Posteo, which said it had contacted German authorities after realising the account was associated with the malware.
The current ransomware is known as GoldenEye, according to Bogdan Botezatu, a senior e-threat analyst at Bitdefender.
Victims of the malware are asked to pay a 300-dollar ransom after their hard drive is encrypted, crashing their computer.
Mr Botezatu, who warned against paying any money, said on Tuesday night that the malware operators received 27 payments totalling almost 7,000 dollars in digital currency in around five hours.
He said: “I would strongly advise against paying the ransom, because this keeps this vicious circle in which hackers get enough money to fuel even more complex malware and this is why ransomware has become so popular in just three years.
“It’s a billion-dollar business and the more customers they have, the more advanced the future ransomware attacks will be.”
The ransomware is believed to be spreading from one computer to another using the exploit EternalBlue, which was also used in the WannaCry attack.
Mr Botezatu said GoldenEye, a more advanced version of the malware Petya, may have a number of exploits, meaning even those who patched their systems against EternalBlue after the WannaCry attack may still be vulnerable to the latest hack.
He said experts will work on trying to find a flaw in the ransomware in order to create a decryption tool, but there is no guarantee victims will get their information back.
Following last month’s WannaCry incident some of the blame was directed at US intelligence agencies the CIA and the National Security Agency (NSA) who were accused of “stockpiling” software code which could be exploited by hackers.
Dr David Day, a senior lecturer in cyber security at Sheffield Hallam University, said he believed the latest attack is the “tip of the iceberg” and said he is frustrated at how it has been able to unfold.
He said: “Basically what they (the NSA) have done is they have created something which can be used as a weapon, and that weapon has been stolen and that weapon is now being used.
“And I think it underlines the whole need for debate over privacy versus security.
“The NSA will argue that the tool was developed with a need to ensure privacy, but actually what it’s being used for is a weapon against security.”