Google Faces Years of EU Oversight on Top of Record Antitrust Fine

Beyond a headline-grabbing EUR 2.4 billion ($2.7 billion) fine EU antitrust regulators have levelled against Google, the Internet giant is likely to be shackled for years by Tuesday’s precedent-setting decision defining the company as a monopoly.

The ruling opens the door for further regulatory actions against more crucial parts of Google’s business – mobile phones, online ad buying and specialised search categories like travel – while easing the standard of proof for rivals to mount civil lawsuits showing Google has harmed them.

So far, investors have shrugged off the EU’s threatened crackdown, with Google’s holding company Alphabet’s shares down 1.8 percent in early US trade amid a continued selloff in technology stocks. The stock has doubled in the two years since European authorities vigorously stepped up investigations of it.

It trades just behind rival Apple as the world’s most valuable stock with a $666 billion (roughly Rs. 42,99,068 crores) market capitalisation.

The real sting is not from the fine for anti-competitive practices in shopping search but the way the EU has thrown the issue back to Google to solve, meaning the company won’t be able to comply through an easy set of technical steps.

In effect, the Commission is forcing Google to demonstrate that rivals have made substantial inroads into its businesses before there is much chance of it being let off the regulatory hook. EU competition chief Margrethe Vestager promised Google was in for years of monitoring to guard against further abuses.

“Just being put on notice can limit Google’s strategic options into the future,” said Matti Littunen, a digital media and online advertising analyst with Enders Analysis in London.

The EU’s 2004 ruling that Microsoft Corp had abused its dominant market position in Windows and other markets is now seen as having curtailed the software giants moves over the subsequent decade to expand more quickly into emerging markets such as online advertising, opening the way for Google’s rise.

Putting the onus on the company underlines regulators’ limited knowledge of modern technologies and their complexity, said Fordham Law School Professor Mark Patterson.

“The decision shows the difficulty of regulating algorithm-based internet firms,” he said. “Antitrust remedies usually direct firms that have violated antitrust laws to stop certain behaviour or, less often, to implement particular fixes.

“This decision just tells Google to apply ‘equal treatment,’ not how to do that”.

Google Faces Years of EU Oversight on Top of Record Antitrust FineWarning shot
The EU ruling is a warning shot for two on-going EU probes into Google’s Android mobile operating system and AdSense ad system, said Richard Windsor, an independent financial analyst who tracks competition among the biggest US and Asian Internet and mobile players, including Google. “If the European Union turns around and says Google can no longer bundle its Google Play app store as a default feature on many Android smartphones, this opens up the market to other handset makers to put their own software and services front and centre on their phones,” he said. Littunen of Enders Analysis agreed, saying while Google may be able to meet EU objections in the AdSense case by making relatively modest changes to its advertising systems to enable website customers to run ads from Google advertising rivals, the Android case has many complicated factors with no easy solution.

More importantly, Google must find ways change its business practices without harming its very lucrative advertising business model, which accounted for around 85 percent of the $90.3 billion (roughly Rs. 5,82,082 crores) in revenue of parent company Alphabet in 2016.

“The EU’s identification of ‘super-dominance’ in Internet search throughout the European Economic Area is confirmed and will provide a cornerstone for assessment of other ongoing cases, especially regarding Android and AdSense,” said Jonas Koponen, competition chief at Linklaters law firm in Brussels.

“This could result in a profound change to the company’s business models,” he predicted. Yet another worry for the company could be a wave of lawsuits in the future.

“We can expect to see a series of damages claims brought by the rivals that were excluded from the market by Google’s conduct,” said Peter Wills, co-head of competition law for Bird & Bird in London, setting the stage for national court battles.

With the EU’s Vestager giving no ground in her record demand last year to collect EUR 13 billion in unpaid taxes from Apple and stopping Google from squeezing out rivals, other tech giants will probably think twice before testing her further.

Cisco Control Center 7.0 Launched, Its Revamped IoT Platform

To meet the growing demand for IoT (Internet of Things) solutions, networking and security major Ciscoon Tuesday launched a new model of its IoT connectivity platform – the Jasper Control Center – offering better analytics and greater security features.

The new Control Center 7.0 addresses the flexibility needs of businesses with a multi-tiered IoT platform that gives them options to meet their specific needs, the company said on Day 2 of Cisco Live, its annual jamboree in Las Vegas that is being attended by some 28,000 people.

“Our Control Center IoT connectivity management platform is the largest IoT platform with over 43 million devices being managed today, and more than 1.5 million new devices being added per month,” said Jahangir Mohammed, General Manager of IoT at Cisco.

“What we’ve learned from enabling IoT success for our 11,000 customers is that companies have different needs at different stages of their IoT journey. So, today we’re… providing a flexible model and new premium services that help meet the needs of customers at any phase,” added Mohammed.

The Control Center 7.0 offers a new tier of the platform – Control Center Advanced – that caters to customers with more sophisticated deployments that need greater capabilities, including advanced security solutions, automation and analytics.

Cisco Control Center 7.0 Launched, Its Revamped IoT PlatformThere are also premium services such as the Threat Protection & Smart Security (TPSS) that provides an IoT-specific solution to protect against malware and other cybersecurity threats, and Traffic Segmentation, a solution to support different types of revenue generation models, the company said.

Control Center 7.0 extends the existing platform’s capabilities – including its global reach via support for cellular networks – to low power devices as well.

It incorporates several Cisco technologies to expand on the platform’s existing security capabilities, with users now getting “multi-layered security controls, including closed user groups, two-factor authentication, whitelisting capabilities and more to identify and solve known issues”, the company said.

It also offers enhanced analytics, providing reports on historical trends of device behaviour and usage that enable users to take action on issues that impact performance, costs and security.

The platform can be integrated with what has been the focus of this year’s Cisco Live event – the newly unveiled “intent-based” networking solution that was developed with significant inputs from the company’s Global Development Centre in Bengaluru.

The new networking architecture, which leverages artificial intelligence and claims to detect security threats with 99 per cent accuracy, will also have a subscription pricing model and has been dubbed as “The Network. Intuitive”.

“Intent-based” networking allows IT to move from traditional processes to automating intent, making it possible to manage millions of devices in minutes – crucial to helping organisations navigate an expanding technology landscape, said the company, which posted revenues of close to $50 billion (roughly Rs. 3,22,696 crores) last year.

In India, the company – which began operations in the country in 1995 – saw profits grow 340 per cent in the 2016 financial year on the back of Smart City initiatives and its partnership with Reliance Jio.

Cisco employs almost 12,000 people across its various centres in New Delhi, Mumbai, Bengaluru, Chennai, Pune, Kolkata, Hyderabad and Gurugram.

Windows 10 to Use AI, Machine Learning to Fight Malware

Microsoft has been caught in the middle of growing cyber-attacks in the past few months, causing the Redmond giant to take some advanced actions to prevent Windows computers from getting malware-infested. The company has revealed that the upcoming Windows 10 Fall Creators Update will upgrade its Windows Defender Advanced Threat Protection that will offer new machine learningprevention capabilities that are designed to prevent such attacks.

The Redmond giant informed CNET that the upgrade will use machine learning through data collected from Microsoft’s cloud-based services to create an artificial intelligence antivirus to better fight against cyber-attacks. Windows enterprise director Rob Lefferts explained that the AI will look for odd behaviour within apps to detect an attack. “If Word were to start allocating memory in big chunks, when it never does, we would be able to detect that. We built the machine learning models around common applications like Word.”

Windows 10 to Use AI, Machine Learning to Fight MalwareMicrosoft listed some of the features that will come with the Windows Defender ATP upgrade in a blog post. Notably, one of the features mentioned is the AI’s ability to identify the presence of a previously unknown malware on a computer. It can then quarantine the malware in the cloud and can protect other computers by developing a unique signature for it. Some other features include browser-focused Application Guard and cloud-related Device Guard and Exploit Guard.

The new security features to Windows 10 ATP will first be made available to enterprise customer, but Microsoft plans to roll them out to everyone sooner or later, CNET says. Additionally, the company also wants ATP to support more than just its own Windows platform and is already working on making that happen.

As you may have heard, another ransomware attack – referred to as Petya – caused major disruptions around the world this week following the WannaCry attacks in May. The attacks have largely affected computers running on dated Windows operating system, and the news of the upgrade is perhaps a way for Microsoft to reassure its users that it is working on ways to better protect your PC, and is looking to AI to help it do that.

Google Must Block Some Search Results Globally, Rules Canada's Top Court

Canadian courts can force Internet search leader Google to remove results worldwide, the country’s top court ruled on Wednesday, drawing criticism from civil liberties groups arguing such a move sets a precedent for censorship on the Internet.

In its 7-2 decision, Canada’s Supreme Court found that a court in the country can grant an injunction preventing conduct anywhere in the world when it is necessary to ensure the injunction’s effectiveness.

“The Internet has no borders – its natural habitat is global,” the Supreme Court wrote in its judgment. “The only way to ensure that the interlocutory injunction attained its objective was to have it apply where Google operates – globally.”

Google, a unit of Alphabet Inc, did not immediately reply to a request for comment.

The case stems from claims by Equustek Solutions, a small technology company in British Columbia that manufactures network devices, that distributor Datalink Technologies Gateways relabeled one of its products and sold it as its own online and acquired trade secrets to design and manufacture a competing product.

Google Must Block Some Search Results Globally, Rules Canada's Top CourtIn 2012, Equustek asked Google to remove Datalink search results until the case against the company was resolved. While Google removed over 300 specific web pages associated with Datalink, it did so only on the Canadian version of its search engine.

The Supreme Court of British Columbia subsequently ordered Google to stop displaying search results in any country for any part of Datalink’s websites.

In its appeal before the Supreme Court of Canada, Google had argued that the global reach of the order was unnecessary and that it raised concerns over freedom of expression.

The Supreme Court rejected Google’s argument that the right to freedom of expression should have prevented the order from being issued.

“This is not an order to remove speech that, on its face, engages freedom of expression values,” the court wrote in its ruling. “We have not, to date, accepted that freedom of expression requires the facilitation of the unlawful sale of goods.”

The global reach was necessary, according to the court, because if the removed search results were restricted to Canada alone, purchasers both in and out of Canada could easily continue to find and buy from Datalink.

OpenMedia, a Canadian group campaigning for open communications, opposed the ruling.

“There is great risk that governments and commercial entities will see this ruling as justifying censorship requests that could result in perfectly legal and legitimate content disappearing off the Web because of a court order in the opposite corner of the globe,” said OpenMedia spokesman David Christopher.

Google cannot appeal the Supreme Court ruling. If the company has evidence that complying with the order would force it to violate other countries’ laws, including interfering with freedom of expression, it can apply to the British Columbia court to alter the order, the Supreme Court said, noting Google has not made such an application.

Kaspersky Lab's US Employees Said to Be Questioned by FBI

The FBI interviewed several US employees of Moscow-based cyber-security firm Kaspersky Lab this week as part of an ongoing agency probe of the company’s operations, according to two sources familiar with the matter.

Federal Bureau of Investigation agents visited the homes of Kaspersky employees late on Tuesday in multiple US cities, though no search warrants were served, according to the sources, who spoke on condition of anonymity because they were not authorized to discuss the FBI probe.

The news followed the disclosure by senior US intelligence officials last month, in testimony before the US Senate Intelligence Committee, that they were reviewing government use of software from Kaspersky Lab, as lawmakers raised concerns that Moscow might use the firm’s products to attack American computer networks.

In response, Eugene Kaspersky, the company’s founder and chief executive, had said during a question-and-answer session on Reddit that he would be willing to appear before the Senate to dispel any concerns about his company’s products.

Kaspersky Lab's US Employees Said to Be Questioned by FBIKaspersky Lab confirmed in an email statement on Wednesday that FBI agents have had “brief interactions” with some of its US employees, discussions that the company described as “due diligence” chats.

The FBI did not immediately respond to requests for comment. NBC News, which first reported news of the interviews on Wednesday, said at least a dozen employees on both the east and west coasts of the United States were paid visits.

It was not clear if the probe of Kaspersky Lab was related to the FBI’s ongoing investigation into Russian interference and potential collusion during the 2016 US presidential election, which is being led by special counsel Robert Mueller.

Kaspersky’s anti-virus software is popular in the United States and around the world, though US officials have long been suspicious that the company may have ties to Russian intelligence agencies.

Kaspersky has said repeatedly it has no ties to any government and that allegations about its products being used to support Russian espionage are unfounded.

Still, concern about Kaspersky has grown as Moscow has been accused of deploying increasingly aggressive cyber-attacks to achieve its geopolitical goals. Russia has repeated denied it engages in state-sponsored hacking of other countries.

Selling Your Old Phone Online? You May Have to Register for GST

The government’s new tax regime, the Goods and Service Tax (GST) is in the process of rolling out, and is targeted for implementation starting July 1. For some of us, it’s been a great chance to pick up a nice deal, as retailers don’t want to forward inventory to the GST norms. Software companies are making money with GST compliance tools, with options ranging from startups to the big firms. One thing you might not have expected though is that if you’re selling your old phone online, you might have to register for GST.

Online sales platform eBay has partnered with Cleartax to offer GST training to sellers, and it noted on its seller centre that every person who supplies goods through an e-commerce operator shall enrolled in GST, irrespective of the turnover. It states: “Basis current guidelines, every seller on www.ebay.in will require to have GST registration at the time of GST rollout.” This includes individual sellers looking to resell one-off items like that phone or laptop you no longer need.

Does this apply to any online platform? For example, if you’re selling your phone on OLX or Quikr, do you still have to register for GST, even though in those cases the payment is often made offline, in cash?

Most likely, but possibly not, seems to be the consensus. Neither company offered a response to our question about GST, however, a source in one informed Gadgets 360 that there is still some confusion about what will, and will not, be covered under the GST regime.

Selling Your Old Phone Online? You May Have to Register for GST“We’re still figuring it out, and once we have a clear picture, we’ll be putting up guidances throughout the site to make sure that the sellers are all complying with the norms,” our source explained, “and we’ll implement it this week, before GST goes live. But right now, we’re still trying to understand, because there are a lot of different categories, and it’s a new norm that we don’t want to take any wrong steps on.”

“If you go and sell a phone on an e-commerce website which may be like a second hand phone,” explained Preeti Khurana, a CA with ClearTax, “you may have to find out the transactional value and levy GST and deposit it with the government.” On the other hand, selling that same phone offline would not fall under the purview of GST, she added, noting that only people with sales over Rs. 20 lakh would need to register if it’s offline. This is what complicates things for sites where the transaction is not concluded online.

Given the confusion around GST, we’d suggest that if you’ve got any old gadgets you want to get rid of, then you should hold a ‘pre-GST sale’ of your own. Otherwise, looking at the state of things, it would probably be best to wait a couple of weeks and let people figure out what the best practices are, before taking on the hassle of registering for GST yourself.

US Senators Seek Military Ban on Kaspersky Lab Products Amid FBI Probe

US senators sought on Wednesday to ban Moscow-based cyber-security firm Kaspersky Lab’s products from use by the military because of fears the company is vulnerable to “Russian government influence,” a day after the FBI interviewed several of its US employees as part of a probe into its operations.

Federal Bureau of Investigation agents visited the homes of Kaspersky employees late on Tuesday in multiple US cities, although no search warrants were served, according to two sources, who spoke on condition of anonymity because they were not authorized to discuss the FBI probe.

Kaspersky Lab confirmed in a statement on Wednesday that FBI agents have had “brief interactions” with some of its US employees, discussions that the company described as “due diligence” chats. The FBI declined to comment.

The interviews were followed on Wednesday by the release of a defence spending policy bill passed by the Senate Armed Services Committee, which would prohibit the US Defense Department from using Kaspersky software platforms because the company “might be vulnerable to Russian government influence,” according to a summary of the legislation.

Democratic Senator Jeanne Shaheen, who amended the spending bill to include the Kaspersky language, said in a statement that “ties between Kaspersky Lab and the Kremlin are very alarming.”

A consensus in Congress and among Trump administration officials believed Kaspersky “cannot be trusted to protect critical infrastructure, particularly computer systems vital to our nation’s security,” Shaheen said.

US Senators Seek Military Ban on Kaspersky Lab Products Amid FBI ProbeThe bill would need to pass the full Senate and House of Representatives and be signed by President Donald Trump in order to become law.

Last month, senior US intelligence officials said in testimony before the Senate Intelligence Committee that they were reviewing government use of software from Kaspersky Lab.

Lawmakers raised concerns that Moscow might use the firm’s products to attack American computer networks, a particularly sensitive issue given allegations by US intelligence agencies that Russia hacked and leaked emails of Democratic Party political groups to interfere in the 2016 presidential election campaign. Russia denies the allegations.

It was unclear whether the probe into Kaspersky Lab was related to an investigation led by special counsel Robert Mueller into Russian election meddling and possible collusion with associates of then-Republican Party candidate Donald Trump.

In response to US lawmakers’ concerns, Kaspersky founder and Chief Executive Eugene Kaspersky had said during a question-and-answer session on Reddit that he would be willing to appear before the Senate to dispel any concerns about his company’s products.

Kaspersky’s anti-virus software is popular in the United States and around the world, though US officials have long been suspicious that the company may have ties to Russian intelligence agencies.

Kaspersky has said repeatedly it has no ties to any government and that allegations about its products being used to support Russian espionage are unfounded.

In a separate statement on Wednesday, the company said, “Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back up these false allegations.” It said that in its 20-year history, the company has abided by “the highest ethical business practices.”

US intelligence agencies believe that the company and its president have had close ties to Russian political and intelligence officials since at least 2012, when a major shakeup of the firm’s executive ranks brought in new members with ties to Russia’s three main intelligence agencies, said one US official familiar with the investigation.

Amazon Prime Day Sale on July 10: Exclusive Launches, Cashbacks, and More to Look Forward to

With the pre-GST sales coming to an end, Amazon has announced the dates of its next big sale. Named Amazon Prime Day, this annual sale is rather big event for the company as it is akin to major sale days, such as Black Friday and Cyber Monday. It will be held across 13 countries this year, and the first time in India. The Amazon sale date in India is July 11, and will be open exclusively for Prime members in the country. This year’s Amazon sale deals will include exclusive launch offers, cashbacks, and discounts on various products including smartphones, and unlimited one-day and two-day delivery for most products. It will also see original and new content being launched on Prime Video running up to Prime Day.

As mentioned above, this will be the first time the Amazon Prime Day sale in held in India. The Amazon sale will start the evening before in all markets the Prime Day sale is available, i.e., 6pm on July 10, and will go on for 30 hours. Many Prime Day deals will be revealed even earlier, on July 9. The Prime Day event is a huge deal across the globe, and in 2015, it even broke a record set by the famous Black Friday sale. To participate in this sale, you need to be a Prime member, and the membership fee is at Rs. 499 per year. Amazon has announced that the deals will be revealed on July 9 to keep the customer prepared of what they want to buy.

Amazon Prime Day Sale on July 10: Exclusive Launches, Cashbacks, and More to Look Forward toAmazon Prime Day Sale deals

Amazon has confirmed exclusive product launches from 30 brands, including Honor, LG. Sharp, and Lego; but has noted that more brands will be unveiled on July 5. All members making purchases in the Amazon sale will get assured offers worth Rs. 1,100 from MakeMyTrip, BookMyShow. There’s up to 15 percent cashback on HDFC cards (up to Rs. 2,000) on purchases of Rs. 5,000 or more, and up to 20 percent cashback on Amazon Pay balance (up to Rs. 200) on topping the balance after June 29. Buying the Amazon Fire TV Stick will give you Rs. 499 cashback as Amazon Pay balance.

Users can also expect ‘thousands of Lightning Deals’ apart from popular ‘Deals of the Day’ in the Amazon Prime Day sale. For all the notifications running up to the Prime Day event, you can register here.

Coming to Prime Video, there will be a host of exclusive and new content that will be launched running up to Prime Day – from July 5 to July 9. These include Star Trek – Beyond (July 5), Deepwater Horizon (July 6), Baahubali: The Lost Legends, Episode 9 (July 7), Sully (July 8), and Zakir Khan’s stand-up comedy special, Haq Se Single (July 9). On July 10 midnight, Amazon will launch its original Inside Edge on Prime Video as well.

Commenting on Prime Day, Amit Agarwal, SVP and Country Head, Amazon India said, “Prime is our flagship program which brings to members the best of Amazon with unlimited free fast delivery, ad-free video streaming, exclusive selection and deals, and much more. We are humbled by the tremendous response to Prime since its launch less than a year ago. We are thrilled to bring Prime Day to India, curating a special experience for our members with 30 hours of exclusive shopping and new streaming content.”

Along with India, China and Mexico will also join the celebration for the first time. The global Prime Day event will be held in 13 countries simultaneously, and these countries include – US, UK, Spain, Mexico, Japan, Italy, India, Germany, France, China, Canada, Belgium, and Austria.

Amazon Targeted by US President Donald Trump Over 'Internet Taxes'

President Donald Trump attacked The Washington Post and Amazon on Twitter Wednesday, arguing that the online retailer was not paying “Internet taxes.”

Trump stated on Twitter Wednesday: “The #AmazonWashingtonPost, sometimes referred to as the guardian of Amazon not paying Internet taxes (which they should) is FAKE NEWS!”

It was not immediately clear what Trump meant by “Internet taxes.” The White House declined to answer questions about the president’s statement.

Amazon.com collects state sales taxes in all 45 states with a sales tax and the District of Columbia, according to their website. State governments have sought to capture sales taxes lost to internet retailers, though they have struggled with a 1992 Supreme Court ruling that retailers must have a physical presence in a state before officials can make them collect sales tax.

Amazon Targeted by US President Donald Trump Over 'Internet Taxes'Amazon did not immediately respond to requests for comment. Washington Post spokeswoman Shani George declined comment.

Amazon CEO Jeff Bezos bought the Washington Post in 2013. He made the purchase as an individual and Amazon.com Inc. was not involved.

Bezos was one of a number of technology executives who visited the White House recently for a strategy session on modernizing government.

Trump has taken shots at Bezos and Amazon on Twitter before.

In 2015, he wrote that Bezos bought the Post “for purposes of keeping taxes down at his no profit company, @amazon.” He added that “If @amazon ever had to pay fair taxes, its stock would crash and it would crumble like a paper bag. The @washingtonpost scam is saving it!”

Petya Ransomware a 'Ruse' to Hide Cyber-Attack Culprit, Claim Researchers

The cyber-attack that crippled computer systems in Ukraine and other countries this week employed a ruse – the appearance of being ransomware – that seems designed to deflect attention from the attacker’s true identity, security researchers said.

And many companies initially fell for it.

The first reports out of cyber-security firms on Monday, when news of the attack hit, was that a new variant of WannaCry, a virus that encrypted data and demanded a ransom to restore it, was on the loose.

In fact, a number of researchers said this week, the malware – which researchers are calling NotPetya – does not encrypt data, but wipes its victims’ computers. If the data is not backed up, it’s lost, they said.

“It definitely wasn’t ransomware and wasn’t financially motivated,” said Jake Williams, founder of Rendition Infosec, a cyber-security firm, which has analysed the virus. “The goal was to cause disruption in computer networks.”

Petya Ransomware a 'Ruse' to Hide Cyber-Attack Culprit, Claim ResearchersMoreover, the email address to make a payment to retrieve data is no longer accessible, said Matt Suiche, a hacker and founder of Comae Technologies, a cyber-security firm.

He said in a blog post this week that the ransomware feint was likely a way to make people think “some mysterious hacker group” was behind the attack rather than a nation state.

“The fact of pretending to be a ransomware while being in fact a nation state attack . . . is in our opinion a very subtle way for the attacker to control the narrative of the attack,” Suiche said.

Security researchers cautioned that it is too early to know for sure who is behind it. But some say that the targeting and distribution method of the malware point to Russia.

More than half the victimized computers were in Ukraine, including banks, energy firms and an airport.

Russia, which has annexed Crimea and has backed separatists in eastern Ukraine, has carried out an aggressive campaign of cyber-attacks and harassment there.

In December, Russian government hackers disrupted the power grid in Kiev and a year earlier they knocked out power in western Ukraine.

In this case, to get into victims’ computers, attackers infected a financial software program in Ukraine, called MEDoc, that delivers software updates to businesses through the Internet.

That’s called a “watering hole” attack, which targets users who navigate to the site for updates or to browse. It is also a tactic that Russian government hackers have used in the past to compromise industrial control system networks, Williams noted.

MEDoc is one of only two software options Ukrainian businesses have to pay their taxes, noted Lesley Carhart, an information security expert.

“This was a clever choice” for several reasons, she noted in a blog post, including that the “distribution base” within the country was “extremely comprehensive” as many companies used the software.

NotPetya did not spread across the open Internet, she said in an email. “Its tactic was to compromise a few computers inside a network” once the hacker got in, say, by delivering the malware through MEDoc. Then it could rapidly spread to other computers in the same network using a variety of other methods.

“While most ‘patient zero’ computers were in Ukraine . . . the corporate networks those computers [connect to] could potentially span the globe, and infection could also spread to any customers, partners, or vendors with whom they had unrestricted network connections and shared accounts,” she said.

That might explain how US pharmaceutical giant Merck, the Danish shipping firm Maerskeven and the Russian oil company Rosneft got infected.

The Rosneft infection might be an unintended consequence – collateral damage, Williams said.

Valentyn Petrov, head of the information security service at Ukraine’s National Security and Defense Council, said that the attack’s timing, on the eve of Ukraine’s Constitution Day, indicated this was a political attack.

“We are in an interesting test phase in which Russia is using modern cyber weapons,” Petrov said, “and everyone is interested to see how it is working – and how threats can be countered.”