A global cyberattack has hit the property arm of France’s biggest bank BNP Paribas, one of the largest financial institutions known to be affected by an extortion campaign that started in Russia and Ukraine before spreading.
The worldwide attack has disrupted computers at Russia’s biggest oil company, Ukrainian banks and multinational firms with a virus similar to the ransomware that infected more than 300,000 computers last month.
Reverberations from the attack continued on Wednesday with shipping giant A.P. Moller-Maersk, which handles one in seven containers shipped worldwide, telling Reuters it is unable to process new orders.
By Wednesday, Moller-Maersk said in a statement it has “shut down a number of systems to help contain the issue,” while several entities including its oil, tankers and drilling activities “are not operationally affected.”
Among other French companies, retailer Auchan said Tuesday’s cyberattack had hit terminal payments in its stores in Ukraine but the incident was now over.
French construction and building materials group St. Gobain, affected Tuesday by the attack, said its systems were gradually returning to normal.
A BNP spokesperson told Reuters that a person familiar with the matter had said that some of the staff computers of BNP’s real estate subsidiary were blocked on Tuesday.
“The necessary measures have been taken to rapidly contain the attack,” he said.
BNP Paribas Real Estate provides advisory, property, and investment management and development services mostly in Europe.
It employed 3,472 staff at end of last year, with operations in 16 countries, and had the equivalent of about $35 billion Cdn in assets under management.
Links to Ukraine
Many companies affected globally by the cyberattack had links to Ukraine, although there is no indication this was the case for BNP, which owns a bank in the country, UkrSibbank.
The ransomware virus includes a code known as Eternal Blue, which cybersecurity experts widely believe was stolen from the U.S. National Security Agency. The virus can spread rapidly if one computer in the network is infected.
The virus crippled computers running Microsoft Corp’s Windows by encrypting hard drives and overwriting files, then demanded $300 in bitcoin payments to restore access.
Earlier this year, following a similar attack, many banks in Europe said they had stepped up efforts to shield themselves.
Authorities including the European Central Bank have also checked their technology systems in recent years.
Among BNP’s peers, France’s Societe Generale told Reuters on Tuesday it was not affected by the attack. Credit Agricole and BPCE both declined to comment.