Two of the world’s largest consumer goods companies warned on Thursday their revenues had been hit by last month’s global cyber attack, the first sign the malware had a larger financial impact on multinationals than previously disclosed.
Mondelez International, maker of Oreo cookies and Cadbury chocolates, estimated the attack would shave three percentage points from second-quarter sales growth because of disruptions to shipping and invoices. The US company’s net revenues were $6.4bn in the first quarter.
Its announcement came a few hours after UK-based Reckitt Benckiser, maker of Nurofen painkillers, Durex condoms and Vanish stain remover, said it expected sales would be hit by an estimated £110m this year. It projecting a second quarter like-for-like sales drop of 2 per cent, cutting annual revenue growth by a full percentage point.
Reckitt cautioned that this was not a final estimate since it had not yet recovered fully from the attack.
Mondelez also said it expected to incur “incremental one-time costs” in the second and third quarters, but maintained its guidance of “at least one per cent” organic revenue growth for the year.
Despite its more limited global spread than the WannaCry cyber attack in May, the impact of the “Petya” malware on organisations it has infected is proving to be far more severe.
Cyber security experts dealing with the attack, which started in Ukraine, have advised stricken clients there is no hope of recovering infected systems. Unless organisations have backups of encrypted data, it is lost for good, they have warned.
Western security officials say the severity of Petya’s impact points to its true purpose: not monetary gain, but pure destruction. Researchers at many of the world’s largest cyber security firms — including FireEye, Talos, ESET, Symantec and Bitdefender — have come to the same conclusion.
“We believe with high confidence that the intent of the actor behind [Petya] was destructive in nature and not economically motivated,” Talos, the cyber security arm of Cisco told clients this week.
Other big companies hit have also struggled to get their systems back online more than a week after the initial attack.
AP Moller-Maersk, the world’s largest shipping company, said cargo remains stuck at its ports in Sudan, Benin, Syria, Colombia and Lebanon because of debilitated computer systems. Fifteen ports are still experiencing problems, with one terminal totally unable to dock or unload ships.
At DLA Piper, one of the world’s biggest law firms, employees’ access to emails and documents continue to be severely curtailed in what insiders have called a “disaster”. WPP, the advertising agency owner, and package delivery group TNT, a unit of FedEx, also said they are not back to normal.
“The force of this virus was very significant. All the affected companies that we’ve been in touch with, are still impacted,” said Rakesh Kapoor, Reckitt chief executive. “We are dealing with something unknown to the world. No one had a solution.”
Once Petya has infected a computer, it modifies the machine’s master boot record — a process that would be hard for a criminal blackmailer to wind back. According to Symantec, subsequent encryption of files by Petya also appears to be irreversible.
Western intelligence points towards the Russian government as the culprit for the attack. But disclosable intelligence to back up such claims is still fragmentary, and accusing the Kremlin openly — as US president Donald Trump prepares to meet Vladimir Putin for the first time at the G20 summit — would also be a step fraught with political sensitivities.
Reckitt said Petya disrupted its ability to manufacture and distribute its products to customers in many of the 60 countries in which it operates. “We were unable to ship and invoice some orders to customers before the close of the quarter. Some of our factories are currently still not operating normally but plans are in place to return to full operation,” the company said.
Though it expected some recovery in its third quarter, Reckitt said the infection would limit full year sales growth to 2 per cent, instead of 3 per cent.
That equates to a drop of £112m in annual revenues, according to downgraded estimates from Investec. Eddy Hargreaves, analyst said he now expected Reckitt to report revenues this year of £11.95bn, down from its previous forecast of £12.1bn.
Mondelez said it was “still assessing the full financial impact of this event” but was “making good progress” in restoring its systems.
Reckitt shares fell by 1.5 per cent to £75.83. Mondelez shares dropped 1.2 per cent to $42.55 in after-hours trading.
Additional reporting by Anna Nicolaou, Aliya Ram and Barney Thompson
Get alerts on Cyber Security when a new story is published