Cyber attack hits 200000 in at least 150 countries - Europol
08:23, May 16, 2017
Copyright 2015 All rights reserved. This material can't be published, transferred, copied or redistributed.
An Garda Síochána said early Sunday there had been no identified cyber attack on any Irish state computer system from the wave of worldwide ransomware attacks, although RTÉ reported a suspected attack on healthcare facility in the south-east.
An global manhunt was well under way for the plotters behind what was being described as the world's biggest-ever computer ransom assault.
Europol said a task force at its European Cybercrime Center was "specially created to assist in such investigations and will play an important role in supporting the investigation".
Ryan Kalember, senior vice-president at Proofpoint Inc. which helped stop its spread, said the version without a kill switch was able to spread but was benign because it contained a flaw that wouldn't allow it to take over a computer and demand ransom to unlock files. And the hackers warned that they would delete all files on infected systems if no payment was received within seven days.
But experts and government alike warn against ceding to the hackers' demands.
The US government on Saturday issued a technical alert with advice on how to protect against the attacks, asking victims to report any to the Federal Bureau of Investigation or Department of Homeland Security.
Experts and officials offered differing estimates of the scope of the attacks, but all agreed it was huge.
According to cyber security firm Avast, more than 75,000 WanaCrypt0r 2.0 attacks had been detected in 99 countries as of Friday.
Security experts said it appeared to be caused by a self-replicating piece of software that enters companies when employees click on email attachments, then spreads quickly as employees share documents.
"This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind", the company told customers.
The exploit, known as "EternalBlue" or "MS17-010", took advantage of a vulnerability in the Microsoft software that reportedly had been discovered and developed by the U.S. National Security Agency, which used it for surveillance activities.
United States software firm Symantec said the majority of organisations affected were in Europe, and the attack was believed to be indiscriminate.
French carmaker Renault's assembly plant in Slovenia halted production after it was targeted.
In the US, the Computer Emergency Readiness Team, or CERT, says it has "received multiple reports of ransomware infections in several countries around the world".
Germany's national railway said Saturday departure and arrival display screens at its train stations were affected, but there was no impact on actual train services. Universities in China, Italy and Greece were also hit.
The global police agency boss warned that "all sectors are vulnerable" and should all take "absolutely seriously" the need to run updated systems.
Organizations around the world spent the weekend trying to recover after being hit by a virus that seeks to seize control of computers until victims pay a ransom. "You're only safe if you patch ASAP", he wrote on Twitter.
A British cyber whiz was hailed an "accidental hero" after he registered a domain name that unexpectedly stopped the spread of the virus, which exploits a vulnerability in Microsoft Windows software.
"He actually probably saved lives by accident", Kennedy said, referring to the security researcher who discovered the kill switch. "Now I should probably sleep".
But around 5 p.m. Friday he got a call to say his biopsy had been canceled as a result of the ransomware attack.
Israeli Prime Minister Benjamin Netanyahu also discussed the cyber threat today.
Sir Michael ruled out concerns over the threat of viruses on Trident operating systems, after the global attack which hit 48 NHS trusts in England and 13 Scottish health boards.
The justice secretary said: "Friday's attack has highlighted the need for everyone to have appropriate and robust measures in place to protect against cyber-attacks which could strike any IT system at any time".