Russian oil giant Rosneft, Danish conglomerate AP Moller-Maersk and WPP, the world’s largest advertising company, were among companies and governments hit by hackers yesterday.
Rosneft’s website went down and a series of tweets on the firm’s twitter account confirmed the cyber attack.
The company confirmed it had contacted “law enforcement authorities” and production was unaffected.
AP Moller-Maersk said its IT systems were down “across multiple sites and business units”.
It added: “We continue to assess the situation. The safety of our employees, our operations and customers’ business is our top priority. We will update when we have more information.”
IT systems across Europe were targeted – Ukrainian officials reported serious “intrusions” at the country’s power grid, banks and government offices.
Ukrainian prime minister Volodymyr Groysman described the cyberattack as “unprecedented” , although vital systems were unaffected.
Pavlo Rozenko, the country’s deputy prime minister, posted a picture of a darkened computer screen on Twitter, saying the network at the government’s headquarters had been shut down.
Cyber security experts immediately suspected a form of ransomware, the name given to programmes that hold data hostage by scrambling it until a payment is made.
It is only a few weeks since the last major incident involving ransomware, called WannaCry or WannaCrypt, spread rapidly around the world using digital break-in tools originally created by the US National Security Agency.
More than 200,000 victims in around 150 countries – including the NHS – were infected by the WannaCry or Wanna Decryptor ransomware, which originated in the UK and Spain in May before spreading globally.
WPP said a number of its subsidiaries were affected by the latest cyber attack and it was “assessing the situation”.
Global law firm DLA Piper, which has offices in London and other parts of the UK, revealed it had also been affected.
US pharmaceutical company Merck said: “We confirm our company’s computer network was compromised today as part of global hack. Other organisations have also been affected.
“We are investigating the matter and will provide additional information as we learn more.”
The UK’s National Cyber Security Centre, part of intelligence agency GCHQ, confirmed there had been a “global ransomware incident”.