"Eternal Blue" is the code which is included in the ransomware virus and most probably was stolen from the U.S. National Security Agency (NSA).
Various media reports also list the Russian energy company Rosneft and US pharmaceutical giant Merck as early victims, along with Maersk, a large Danish shipping company.
A Microsoft spokesman said the company's latest antivirus software should protect against the attack.
Singapore's CII sectors and private sectors were issued advisories and technical data such as Indicators of Compromise about Petya following the global attacks, which occurred on Tuesday night. WannaCry also leveraged the EternalBlue exploit, which was leaked as part of a trove of hacking tools believed to belong to the NSA. Until it has been fully investigated, it's hard to say whether some systems protected against WannaCry might still be vulnerable to the new form of Petya.
The confirmations come as reports are surfacing of the first instance of the attack in Israel.
"The state government has also asked for cyber support from Indian Computer Emergency Response Team (CERT-in), the national team for cyber security".
WPP, the world's largest advertising agency, said it was also infected. When you look at a business with hundreds or thousands of computers there's not one thing that can be done to stop it from spreading once it's made it inside. "Nobody can recover your files without our decryption service", the message said according to a screenshot posted by Ukraine's Channel 24. One consumer lender, Home Credit, had to suspend client operations.
It's not clear whether or why the ransomware has suddenly become so much more potent, but Botezatu said that it was likely spreading automatically across a network, without the need for human interaction.
The experts suggest the malware is taking advantage of the same weaknesses used by the WannaCry attack last month. Departments such as America's Homeland Security and Europol are also joining in the investigation, which has equally risky implications as the WanaCry assault.
Unlike typical ransomware, which merely scrambles personal data files, the program wreaking havoc Tuesday overwrites a computer's master boot record, making it tougher to restore even a machine that has been backed up, said Kalember. However, Prime Minister Volodymyr Groysman assures the public that "vital systems" were not penetrated by the debilitating ransomware, which exploits flaws in network security.
According to the Ukraine State security agency, the emails contained infected Word documents or PDF files as attachments.