Ransomware Attack Sweeps Globe, Locking Computer Networks Worldwide
A worldwide ransomware attack is affecting countries and organizations from a number of different countries. Kaspersky Lab, a Russian cybersecurity firm, said it had detected at least 45,000 attacks in as many as 74 countries.
The United Kingdom's famed National Health Service (NHS) has been hit hard, with hackers locking out 39 NHS organization from their patient data in exchange for ransom payments of £230 each, almost $300, in bitcoin. The hacked screen informs users that unless they pay within three days, the amount will double.
@hackerfantastic Higher ransom requesting in this sample then whats going around. pic.twitter.com/kyB00wU9v1
- DΛNIΞL 🤖 (@DanTehBot) May 12, 2017
Holding hospitals hostage through hacking has become an increasingly common tactic across the globe. Public utilities, from phone companies in Spain to local governments in Sweden, have been hit as well.
In the United States, shipping company FedEx has been hit. FedEx employees in the company's base of Memphis, Tennessee received a text saying "Virus spreading through FedEx with ransomware threat. Could be US wide. I would recommend you turn off your computer if it's Windows just in case."
Ransomware, in this case known as WannaCry, uses malware to lock out someone out from their computer by encrypting the data and then, as the name suggests, demands a fee for getting back in. The tool uses a vulnerability in Microsoft systems that was discovered and developed by the National Security Agency. It was leaked last year by a group called the Shadow Brokers, and Microsoft issued a patch to fix the vulnerability. However, not everyone updates their software.
Think spinning this ransomware attack as using "NSA tools" lets the orgs who decided not to install Windows Updates for 3mo off the hook.
- Pwn All The Things (@pwnallthethings) May 12, 2017
Small businesses are generally seen as easy targets for such attack because they have money on hand, often lack technical expertise, and don't have the time to deal with a lengthy investigation. "It is a little surprising that a larger enterprise was hit, rather than the traditional doctor's, dentist's, lawyer's offices," says Randell Casey, a cybersecurity expert, to Memphis' Commercial Appeal. "A sole proprietor, they spend very little on infrastructure protection, so they become highly susceptible."
While the Shadow Brokers are believed to have Russian connections, there is no current evidence that they, or anyone in the Russian government is behind the attacks. In fact, Russia has been hit the hardest in the attacks. There has been a special focus on its Ministry of Interior which has had at least 1,000 computers frozen. Megafon, a top Russian mobile phone company, has also been hit. There are no known motives beyond money for the attacks.
You can get the Microsoft patch here, and if you use Windows are strongly encouraged to do so. If you're feeling morbid, you can watch the global spread of WannaCry in realtime here.
Source: Gizmodo, BBC, BuzzFeed
You Might Also Like
