Global cyberattack: A super-simple explanation of what happened

Geronimo Vena
Mag 16, 2017

Proofpoint and a British cybersecurity researcher teamed up Friday to derail the attack that was said to strike at least 100,000 organizations in 150 countries.

Putin said the incident was "worrisome" but had done "no significant damage" in Russian Federation and called for urgent global talks on countering the hackers.

Brad Smith criticized US intelligence agencies, including the CIA and National Security Agency, for "stockpiling" software code that can be used by hackers.

Microsoft's lawyer says governments should "report vulnerabilities" that they discover to software companies, "rather than stockpile, sell, or exploit them". "An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen", wrote Smith.

"The governments of the world should treat this attack as a wake up call".

But global fears eased on Monday as the number of incidents reported levelled off.

"It started its assault against hospitals across the United Kingdom and shortly after spilled across the globe", the agency said. A deal with Microsoft to update security patches for the system was allowed to expire in 2015, yet hospitals continued to use the software.

According to The Sunday Times, a security update released by Microsoft in March to protect against the virus "was not applied in many NHS organisations that had been using Windows XP, an older operating system".

THE CYBER attack on the NHS that caused major problems to hospitals across the country has affected a GP practice in Thornbury. Stockpiling missiles in a toilet cubicle would be inexcusable, so why store software vulnerabilities in a system than can comparably be kicked open?

"We've never seen anything like this", the head of the European Union's policing agency told Britain's ITV television, calling its reach "unprecedented".

Following a meeting of the Government's Cobra contingencies committee, Home Secretary Amber Rudd said more than a million patients had been treated in the course of Monday.

"(There have been) remarkably few payments so far that we've noticed as we are tracking this, so most people are not paying this, so there isn't a lot of money being made by criminal organisations so far".

Yesterday, security firm Digital Shadows said that transactions totalling Dollars 32,000 had taken place through Bitcoin addresses used by the ransomware.

He added: "The trust's security measures that we have got in place are stable and still holding firm". The malware not only infects targets through traditional means - such as phishing campaigns, malicious emails, and dodgy attachments - but once a system has been infected, the malicious code scans for additional targets through networks and jumps to fresh victims.

The attack therefore spread faster than previous, smaller-scale ransom ware attacks.

Among those affected by the virus was Nissan, but the vehicle manufacturer said there had been no major impact.

Becky Pinkard, from Digital Shadows, a UK-based cyber-security firm, told AFP news agency that it would be easy for the initial attackers or "copy-cat authors" to change the virus code so it is hard to guard against.

"The very nature of this particular malware, this sort of ransomware attack, is very potent because unlike more routine ones this one has used a sort of worm to exploit the operating system and bolted on a ransomware so that it spread incredibly quickly in hours not weeks or days", Wallace said.

Altre relazioni OverNewsmagazine

Discuti questo articolo