Saturday, May 13, 2017

global ransomware attack

Organizations around the world were digging out this weekend from what experts are calling one of the biggest cyberattacks ever.

Hospitals, major companies and government offices were hit by a virus that seeks to seize control of computers until the victims pay a ransom.

Experts said that even as the spread of the attacks apparently has been stymied, its full ramifications are not yet known because the virus may be lurking still on computers around the world.

Cybersecurity firm Avast said it had identified more than 75,000 ransomware attacks in 99 countries on Friday, making it one of the broadest and most damaging cyberattacks in history.

Avast said the majority of the attacks targeted Russia, Ukraine and Taiwan. But U.K. hospitals, Chinese universities and global firms like Fedex (FDX) also reported they had come under assault.

Security experts said the spread of the ransomware had been inadvertently stopped late Friday. The ransomware was designed to repeatedly contact an unregistered domain in its code. A 22-year-old security researcher in the U.K, who goes by MalwareTech, registered that domain to analyze the attack, but it turned out the ransomware needed it to remain unregistered to keep spreading.

"Thus by registering it we inadvertently stopped any subsequent infections," he told CNNTech.

***

LONDON >> A global “ransomware” attack, unprecedented in scale, had technicians scrambling to restore Britain’s crippled hospital network Saturday and secure the computers that run factories, banks, government agencies and transport systems in many other nations.

The worldwide cyberextortion attack is so unprecedented, in fact, that Microsoft quickly changed its policy, announcing security fixes available for free for the older Windows systems still used by millions of individuals and smaller businesses.

After an emergency government meeting Saturday in London, Britain’s home secretary said one in five of 248 National Health Service groups had been hit. The onslaught forced hospitals to cancel or delay treatments for thousands of patients, even some with serious aliments like cancer.

Home Secretary Amber Rudd said 48 NHS trusts were affected and all but six were now back to normal. The U.K.’s National Cyber Security Center said it is “working round the clock” to restore vital health services.

Security officials in Britain urged organizations to protect themselves by updating their security software fixes, running anti-virus software and backing up data elsewhere.

Who perpetrated this wave of attacks remains unknown. Two security firms — Kaspersky Lab and Avast — said they identified the malicious software in more than 70 countries. Both said Russia was hit hardest.

“This is obviously by far the worst ransomware outbreak we’ve seen in, I think, forever,” said Lawrence Abrams, a New York-based malware expert who runs BleepingComputer.com.

No comments: