Some businesses in Asia disrupted by cyber attack, authorities brace for more
08:59, May 17, 2017
Copyright 2015 All rights reserved. This material can't be published, transferred, copied or redistributed.
Attackers used ransomware that misused a security imperfection in Microsoft operating systems, securing clients' records unless they pay the hackers money in the virtual money Bitcoin. "When you combine WannaCry ransomware and a worm this powerful, there's no surprise the result is a global attack". The WannaCry hack threatens to delete users' encrypted files in a week if a ransom of $300 isn't met - doubled if the payment isn't made in within three days.
"We've never seen anything like this", the head of the European Union's policing agency told Britain's ITV television on Sunday.
- Anyone who ignored the March 2017 security update, where the vulnerability was identified and Security Update for Microsoft Windows SMB Server (4013389) was rated as critical for all versions of Microsoft Windows. Companies located in Europe and Asia are thought to be particularly vulnerable to the ransomware as they do not have the same safeguards in place as United States businesses and many of which are running older versions of Microsoft's Windows operating system.
Just one person in an organization who clicked on an infected attachment or bad link, would lead to all computers in a network becoming infected, said Vikram Thakur, technical director of Symantec Security Response. He added that ransomware attacks were normally criminal rather than political in nature.
While India's cybersecurity unit CERT-In is yet to receive a formal intimation of any major attacks, it has reached out to all government agencies and public utilities to stay alert.
Jakub Kroustek of the security firm Avast said in a blog postupdate around 2000 GMT, "We are now seeing more than 75,000 detections.in 99 countries".
It's hard not to engage in a bit of victim-blaming in this situation, especially because security experts say the attacks could have been prevented.
"This is not targeted at the NHS, it´s an worldwide attack and a number of countries and organizations have been affected", British Prime Minister Theresa May said.
A spokesman for the Russian Health Ministry, Nikita Odintsov, tweeted that the cyberattacks on his ministry were "effectively repelled".
The U.K.'s National Cyber Security Centre said Sunday that there have been "no sustained new attacks" of the kind that struck Friday. (Stuxnet, of course, was a worm targeted at industrial plants).
Ryan Kalember, senior vice-president at Proofpoint Inc., which helped stop its spread, said the version without a kill switch could spread.
The attack had hit more than 200,000 hospitals, corporations, government agencies and other organizations in 150 countries by Monday.
New ransomware variants of the WannaCry virus that devastated industries on a global level beginning Friday have been spotted in the wild in infected computers, according to Cybersecurity firm Comae Technologies Founder Matt Suiche.
The ransomware exploited a vulnerability that has been patched in updates of recent versions of Windows since March, but Microsoft didn't make freely available the patch for Windows XP and other older systems.
"Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware", the spokesperson said in a statement.
Telecommunications company Telefonica was among the targets in Spain.
Germany's national railway said Saturday departure and arrival display screens at its train stations were affected, but there was no impact on actual train services.