Petya ransomware hits global corporate earnings

Costly cyber attacks are having a bigger impact on corporate earnings and are becoming a fact of life for companies as Oreo cookie maker Mondelez, drug maker Merck and others said that a destructive attack in the last week of the second quarter disrupted operations.

Mondelez, the world's second-largest confectionary company, reported a 5 percent drop in quarterly sales on Wednesday, blaming shipping and invoicing delays caused by the June 27 attack of the worm, known as Petya.

Other Petya victims include Merck, which last week warned that Petya had halted production of some drugs, saying it has yet to understand the full costs associated with the attack.

The attack also slowed deliveries at FedEx Corp, disrupted port operations of shipping company Maersk and halted production lines at British consumer goods maker Reckitt Benckiser, according to accounts by those companies.

Investors should get used to hearing about cyber attacks during earnings calls, said Ian Winer, equity co-head at Wedbush Securities.

"The trend is accelerating," Winer said. "As hackers get more sophisticated they are taking shots at major companies."

More hackers are becoming adept at developing or finding malware to wipe data on computers, making them inoperable.

One mysterious group known as The Shadow Brokers in April dumped a trove of powerful hacking tools on the Internet, which security experts said were developed by the US National Security Agency.

Code the group released was used for spreading Petya and in the WannaCry attack in May on hospitals, businesses and governments worldwide.

Jake Dollarhide, head of Longbow Asset Management, which manages US$85 million in assets, said he expects cyber attacks to be as common as reports that a storm or oil prices hurt results.

"As stock market investors we have to accept this brand new reality in this new digital age," Dollarhide said.

Petya is a destructive self-propagating "worm" capable of spreading quickly across computer networks, crippling computers by encrypting hard drives so that machines cannot run.

It has taken victims weeks to get factories and other critical systems back online because businesses must individually replace damaged hard drives.

Most businesses are inadequately protected from cyber attacks, said Tom Kellermann, chief executive of investment firm Strategic Cyber Ventures.

"The day of reckoning has come for shareholders," Kellermann said.