Hospitals remain key targets as ransomware attacks expected to increase
This is already believed to be the biggest online extortion attack ever recorded, disrupting computers that run factories, banks, government agencies and transport systems in nations as diverse as the U.S., Russia, Ukraine, Brazil, Spain and India.
At least one hospital was affected, according to police. “We’ve seen that the slowdown of the infection rate over Friday night, after a temporary fix around it, has now been overcome by a second variation the criminals have released”.
Clapper, who served as intelligence director under President Barack Obama, calls it a “very serious, serious problem”.
While the scale of this weekend’s attack has been massive.
The 200,000 victims included more than 100,000 organizations, Europol spokesman Jan Op Gen Oorth told The Associated Press.
The software holds users hostage by freezing their computers, encrypting their data and demanding money through online bitcoin payment – US$300 at first, rising to US$600 before it destroys files hours later.
Worldwide shipper FedEx Corp said some of its Windows computers were also breached.Telecommunications company Telefonica was among the targets in Spain.
The Beijing News said Sunday that students at several universities around the country reported being hit by the virus, which blocked access to their thesis papers and dissertation presentations.
Had it not been for a young cybersecurity researcher’s accidental discovery of a so-called “kill switch”, the malicious software likely would have spread much farther and faster that it did Friday.
The MalwareTech researcher warned on Twitter on Sunday: “Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw”.
What has tech security experts really anxious about this development is the fact that more exploits were released during the NSA leak than what caused last week’s attack. That low-priced move redirected the attacks to MalwareTech’s server, which operates as a “sinkhole” to keep malware from escaping.
The NHS, which was showcased in the opening ceremony of the 2012 Olympic Games, employs more than 1.5 million people, making it the world’s fifth biggest employer after the USA and Chinese militaries, Walmart and McDonald’s. “Or we could potentially see copycats mimic the delivery or exploit method they used”.
Elsewhere in Asia, the Indonesian government urged businesses to update computer security after the malware locked patient files on computers in two hospitals in the capital, Jakarta.
“Just patch their systems as soon as possible”, MalwareTech said. “It can be tough to tell which patch is important, until it is too late”. Today, we use robust testing and analytics to enable rapid updates into IT infrastructure, and we are dedicated to developing further steps to help ensure security updates are applied immediately to all IT environments.
Microsoft President Brad Smith says that the vulnerability exploited by WannaCry was something that the NSA had and was using as a weapon. In January a hacking group calling itself The Shadow Brokers listed for sale a series of tools it claimed to have stolen from the NSA. The original attack lost momentum late on Friday after a security researcher took control of a server connected to the outbreak, which crippled a feature that caused the malware to rapidly spread across infected networks.Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too hard to patch without possibly disrupting crucial operations, security experts said.Marin Ivezic, cyber security partner at PwC, said that some clients had been “working around the clock since the story broke” to restore systems and install software updates, or patches, or restore systems from backups. This one worked because of a “perfect storm” of conditions, including a known and highly risky security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and malware created to spread quickly once inside university, business and government networks.