Nuance knocked offline by ransomware attacking Europe

The major voice and language tool provider joins the 64 countries hit by the virus, as well as global pharma giant Merck and a health system in Pennsylvania.

By Jessica Davis

June 28, 2017

10:31 AM

Nuance Communications, a major provider of voice and language tools, fell victim to the global ransomware attack on Tuesday.

Portions of its network were affected, and officials said they took measures to contain the outbreak and impact once it learned of the attack. Nuance called on security experts to assist in its response.

Nuance customers took to Twitter to complain about trouble with its transcription services and the Dragon Medical 360 tool, which is used to allow medical dictation directly into the electronic health record.

[Also: 10 stubborn cybersecurity myths, busted]

Nuance has 45 offices globally, with many healthcare clients.

The ransomware attack began in Europe, with Ukraine hit the hardest. The virus shut down Ukraine’s power grid, banks and government offices. Russia-based Rosneft Oil Company, Denmark-based shipping giant A.P. Moller Maersk and India’s largest container port JNPT also fell victim.

Global pharma giant Merck confirmed via Twitter that it was affected by the attack, as well as Pennsylvania-based Heritage Valley Health System.

[Also: WannaCry was not so shocking for nearly half of cybersecurity pros]

Currently, 64 countries have been hit by the Petya ransomware campaign, which encrypts Master File Tree (MTF) tables and overwrites the Master Boot Record. The virus is much more disruptive than other ransomware strains, as it’s capable of rebooting systems and preventing the computer from working.

In existence since 2016, Petya is spread through email with attached infected Microsoft Office documents that execute the SMB worm and spreads to other computers (much like WannaCry).

[Also: Global ransomware attack hits Merck, health system after thrashing Europe (UPDATED)]

The current Petya strain is leveraging the leaked NSA tool ETERNALBLUE to propagate, just as WannaCry did in its campaign.

As for the sudden uptick in infections, Tuesday’s Petya hackers were likely inspired by May’s WannaCry attacks. Business Insider puts the current amount made from the campaign at $9,000, but victims cannot regain access to files after paying the ransom.

Security experts and the FBI have warned against paying ransoms, since ransomware first began to run rampant in 2016. Victims can’t be assured the hackers aren’t stealing data -- and paying the ransom funds further cyberattacks.