At least 74 countries affected in 'biggest ever' cyber attack

Geronimo Vena
Mag 14, 2017

Hospitals, major companies and government offices were hit by a virus that seeks to seize control of computers until the victims pay a ransom.

(AP Photo/Alastair Grant, File).

He said many NHS hospitals in Britain use Windows XP software, introduced in 2001, and as government funding for the health service has been squeezed "IT budgets are often one of the first ones to be reduced". As such, the worm starts on one computer and quickly spreads to all vulnerable systems in the network.

In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from Spain's National Cryptology Centre of "a massive ransomware attack".

At least two reports said the ransomware, alternately called WanaCryptor 2.0, WannaCry, WCry or WCrypt, was using an NSA exploit called ETERNALBLUE that was revealed in a cache of files posted online by WikiLeaks on April 14.

Earlier, a number of hospitals across England were forced to divert emergency patients after being hit by a suspected cyber attack. Russian Federation appeared to be the hardest hit, according to security experts, with the country's Interior Ministry confirming it was struck.

The Russian Interior Ministry, which runs the country's police, confirmed it was among those that fell victim to the ransomware, which typically flashes a message demanding a payment to release the user's own data. Mikko Hypponen, its chief research officer, calls it "the biggest ransomware outbreak in history".

"Affected machines have six hours to pay up and every few hours the ransom goes up", said Kurt Baumgartner, the principal security researcher at Kaspersky Lab.

NHS Digital said the attack "was not specifically targeted at the NHS and is affecting organizations from across a range of sectors".

ZDNet reported that at least 16 National Health Service hospital systems in England had been hit by the ransomware, and that the infections were starting to appear in Scotland as well.

The vulnerability was being exploited by the NSA for potentially months or years, before the Shadow Brokers group leaked it to the public. They, too, should regularly update with software patches as they're issued.

"All decisions "Kaspersky Lab" detects this rootkit as MEM:Trojan.Win64.EquationDrug.gen. Solutions of Kaspersky Lab also detects programs encoders that were used in this attack, the following verdicts: Trojan-Ransom.Win32.Scatter.uf;; PDM:Trojan.Win32.Generic (for the detection of this malware component "Monitoring System" must be enabled)", - he noted. Hospitals in areas across Britain found themselves without access to their computers or phone systems. Routine appointments had been canceled and ambulances were being diverted to neighboring hospitals.

Ransomware WannaCry, which is causing several problems in services around the globe on Friday, deactivated servers from Telefonica Spain, UK hospitals and also led to the dismissal of the servers of Russia, Ukraine, and India.

Patrick Ward, a 47-year-old sales director, said his heart operation, scheduled for Friday, was canceled at St. Bartholomew's Hospital in London. Some chemotherapy patients were even sent home because their records could not be accessed.

"At this stage we do not have any evidence that patient data has been accessed", NHS Digital said, adding that it will "continue to work with affected organisations to confirm this".

He said the same thing could be done to crucial infrastructure, like nuclear power plants, dams or railway systems. Authorities said they were communicating with more than 100 energy, transportation, telecommunications and financial services providers about the attack.

Hospitals in the United Kingdom and telecommunications companies in Spain are among those hit by a "ransomware" attack that locked up computer data and demanded payment to free it.

"Our analysis indicates the attack, dubbed "WannaCry", is initiated through an SMBv2 remote code execution in Microsoft Windows".

"We can only expect this trend to get worse".

Lawless reported from London. That was a shock. Parra reported from Madrid.

Altre relazioni OverNewsmagazine

Discuti questo articolo