Massive ransomware attack hits 99 countries

Global extortion cyberattack hits dozens of nations

But computers and networks that hadn't updated their systems were still at risk.

Microsoft has called the cyber-attack that crippled businesses and services across 150 countries a "wake-up call", and has blamed government agencies for storing details of software vulnerabilities like stockpiled weapons.

Renault said on Saturday it had halted manufacturing at plants in Sandouville, France, and Romania to prevent the spread of ransomware in its systems. The attack held hospitals and other entities hostage by freezing their computers, encrypting their data and demanding money through online bitcoin payment - $300 at first, rising to $600 before it destroys files hours later. Two big telecom companies, Telefónica (TEF) of Spain and Megafon of Russian Federation, were also hit.

Chinese media reported on Sunday that students at several universities were hit, blocking access to their thesis papers and dissertation presentations. So far approximately 200,000 computers in over 150 countries have been impacted, making this the largest worldwide ransomware attack to date. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits", Smith said.

"I don't believe it will have been a targeted attack, but will simply have been that the ransomware has sought out those organizations that are running susceptible devices", he said.

Across an ocean, Darien Huss, a 28-year-old research engineer for the cybersecurity firm Proofpoint, was doing his own analysis. "It's a big priority of mine that we protect the financial infrastructure", he said.

The threat receded over the weekend after a British-based researcher, who declined to give his name but tweets under the profile @MalwareTechBlog, said he stumbled on a way to at least temporarily limit the worm's spread by registering a web address to which he noticed the malware was trying to connect. Normally, such patches are reserved for organizations willing to pay for extended support.


According to Matthew Hickey, founder of the security firm Hacker House, Friday's attack is not surprising, and it shows many organizations do not apply updates in a timely fashion.

The hackers behind WannaCry took things a step further by creating a ransomware worm, allowing them to demand ransom payments not just from individual but from entire organizations - maybe even thousands of organizations. The ransomware exploited a vulnerability that has been patched in updates of recent versions of Windows since March, but Microsoft until now didn't make freely available the patch for Windows XP and other older systems.

That said, Microsoft can't shirk the blame entirely - it needs to reconsider its responsibility for users that work on older systems, particularly those across large networks that might avoid the sheer cost and scale of regular updating. It seems many PCs didn't get updated, leaving them exposed to the malicious ransomware. Britain's National Cyber Security Center said it could have been much worse if not for a young cybersecurity researcher. That cheap move redirected the attacks to MalwareTech's server, which operates as a "sinkhole" to keep malware from escaping. In the U.S., FedEx reported that its Windows computers were "experiencing interference" from malware, but wouldn't say if it had been hit by ransomware. But the kill switch couldn't help those already infected.

You'll immediately know whether you're infected - you'll be greeted by a popup screen saying "Ooops, your important files are encrypted".

In March, Wikileaks released 8,761 documents and files outlining the Central Intelligence Agency's (CIA) hacking toolkit, that was aimed at exploiting flaws in Apple, Samsung and Microsoft. "Otherwise they're literally fighting the problems of the present with tools from the past".

As part of a comprehensive information governance program, ensure that you have a thorough incident response plan in place that contemplates the occurrence of a ransomware attack.

Share

Related News

  • Intel Corporation Finally Set to Whip Out

    Intel Corporation Finally Set to Whip Out "Core i9" Branding

    Core i7-7640K: 4 cores, 4 threads, 4GHz base, 4.2GHz Turbo, no Turbo Boost 3.0, 6MB of L3 cache, 16 lanes of PCIe 3.0. Both of these CPUs will reach 112W TDP, which is hot but not as much as the reported 140W of the Skylake-X units.
    The popularity of the baby name 'Donald' tumbles in 2016

    The popularity of the baby name 'Donald' tumbles in 2016

    There is only one new name in the top 10 this year-Elijah, the first time he has ever reached the list of 10. The name Kylo could be inspired by Kylo Ren, a character from " Star Wars: The Force Awakens ".

    Manchin criticizes House passage of health care bill

    The clobbering tool has been passed to the Democrats and they will try to employ it during the 2018 midterm elections. Bill Cassidy, R-La., on an alternative health care overhaul and with other senators on how to revamp Medicaid.
  • Jose Mourinho's monumental Europa League gamble will pay off, says Martin Hardy

    United can not finish below sixth this season, no matter what happens in their remaining three fixtures. We had a fantastic record of 25 matches (unbeaten). "When I have 14, 15 players, I can't do it".

    Mets suspend Harvey for violating team rules; Wilk to start

    He opened the season on the 10-day disabled list after straining the same hamstring during the World Baseball Classic. He traveled a ton just to make it there in time for the game, arriving at about 8:45 am he said on the postgame.
    Woman charged with chasing US Rep. David Kustoff

    Woman charged with chasing US Rep. David Kustoff

    Eyewitnesses said there was a "lot of cursing" but that they "couldn't understand a lot of what she was saying". Kustoff voted for the American Health Care Act and posted a statement in support of the bill on his website.
  • David Moyes: 'Sunderland relegation has not damaged my reputation'

    David Moyes: 'Sunderland relegation has not damaged my reputation'

    If we have to take them to Arsenal and use them we will do but obviously we'd like to keep them for the game on Wednesday night. We will definitely have a team to put out and we will go there and be committed but there are one or two we are not sure about.

    North Korean test missile 'capable of carrying nuclear warhead'

    Japanese officials said the missile flew for about 800 kilometers before landing in the Sea of Japan. The South Korean military is gathering and analyzing information.

    Former French PM Manuel Valls pledges allegiance to Emmanuel Macron's movement

    Former French premier Manuel Valls can not run for parliament for president-elect Emmanuel Macron's En Marche! The names of Mr Macron's 577 candidates in the legislative elections are to be announced on Thursday.
  • Madison school budget referendum passes Tuesday, 99 to 49

    Madison school budget referendum passes Tuesday, 99 to 49

    In Brewster, the tally was 762-356 while a supplemental proposition for school bus purchases was also OK'd by a tally of 776-342. Patrons also expressed a desire for more transparency in the district and better communication between the public and the board.
    Samsung Galaxy Note 8 Rumors: Dual Cameras And Other Amazing Features

    Samsung Galaxy Note 8 Rumors: Dual Cameras And Other Amazing Features

    Camera-wise, of course it can not measure up to other devices so don't expect to be taking award-winning mobile photography. The device in question, allegedly the Galaxy J7 Max , is expected to be priced somewhere around Rs 20,000 or less.
    Official Jio Twitter account announces JioFiber preview cities

    Official Jio Twitter account announces JioFiber preview cities

    Along with Telecom sector, Reliance Jio is also set to cater various market by providing various new services. The Fiber Internet service will be coupled with other Jio services, including a set-top box.