Reach of ‘Ransomware’ Attack Could Expand, Experts Warn
A DDoS attack – or denial of service – is an attempt to flood a website with so much traffic that it impairs normal service.
Businesses around the world had experts working over the weekend to prevent new infections.
Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users’ files for ransom at a multitude of hospitals, companies and government agencies.
Since the attack has already been deployed and affected extensively, it is important that Windows PC users take precautionary measures to stay protected from the ransomware.
“This particular attack was relatively easy to shut down”, said Bryce Boland, Asia Pacific chief technology officer for FireEye, a cybersecurity company. The ransomware was created to repeatedly contact an unregistered domain in its code.
Microsoft Corporation (NASDAQ:MSFT) said the attack should be treated around the world as a “wake-up call”, saying software vulnerabilities hoarded by governments have caused “widespread damage”.
“Thus by registering it we inadvertently stopped any subsequent infections”, he told CNNTech.
It remained unclear how many organizations had already lost control of their data to the malicious software – and researchers warned that copycat attacks could follow.
The NCA is working alongside global law enforcement partners including Europol, Interpol and the FBI to investigate the attacks.
The attack, Smith says, “represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action”.
The WannaCry ransomware worm exploits a vulnerability in Microsoft’s Server Message Block (SMB) protocol used to connect to files and folders across a network. The exploit was leaked last month as part of a trove of NSA spy tools.
Microsoft ended up distributing the free patch for the older versions on Friday – the day the ransomware was detected. Two security firms-Kaspersky Lab and Avast-said they had identified the malicious software behind the attack in over 70 countries, although both said the attack had hit Russian Federation the hardest. Only users running on older Microsoft Windows operating systems are vulnerable – they can now install a security update released by the tech company. Security experts continue to urge victims to not pay the ransom fee. “Most folks that have paid up appear to have paid the initial $300 in the first few hours”.
Among the institutions affected include UK’s National Health Service organisations, Germany’s rail network, FedEx in the U.S., Renault factories in France and Russia’s interior ministry. At least 1,600 USA organizations have been infected with the ransomware, including FedEx, Forbes reports.
They proposed a plan to improve cyber security that included a replacement of outdated systems “as a matter of urgency”, calling its continued use “one of the most pressing issues facing IT infrastructure” in the NHS.
“We are actively sharing information related to this event and stand ready to lend technical support and assistance as needed to our partners, both in the United States and internationally”.