At Least 100000 Groups In 150 Countries Hit By Ransomware

Evrard Martin
Mai 16, 2017

Apple's Mac computers were not targeted by this ransomware attack so are clear.

A security guard stands outside the Telefonica headquarters in Madrid, Spain, Friday, May 12, 2017. In most cases, ransom was demanded from the user in return for reactivating the system.

In total, 45 NHS organisations in England and Scotland were disrupted - while the huge Nissan plant in Sunderland was among firms hit.

Associated Press writer Sylvia Hui reported this story in London and AP writer Christopher S. Rugaber reported from Washington.

"The global reach is unprecedented", Wainwright says.

Two security firms - Kaspersky Lab and Avast - said they identified the malicious software in more than 70 countries.

More than 75,000 similar attacks reportedly happened in nearly 100 countries, with Russia, Ukraine and Taiwan hardest hit, according to the cybersecurity firm Avast.

Experts believe that we may not even know the extent of how hard the attack hit Asia, and we won't know until Monday.

All it would take is for a new group to change the original malware code slightly to remove the "kill switch" and send it off into the world, using the same email-based methods to infiltrate computer systems that the original attackers used, experts said.

"They said, 'I'm really sorry, but the computer system is down".

The effects were felt across the globe, with Britain's National Health Service, Russia's Interior Ministry and companies including Spain's Telefonica, FedEx the US and French carmaker Renault all reporting disruptions.

Robert Pritchard, a former cyber security expert at Britain's defence ministry, said security specialists might not be able to keep pace with the hackers.

Microsoft took the unusual step of reissuing security patches first made available in March for Windows XP and other older versions of its operating system. Normally, such patches are reserved for organizations willing to pay for extended support.

But the researcher's actions may have saved companies and governments millions of dollars and slowed the outbreak before computers in the US were more widely affected.

On Friday, Microsoft released security updates to Windows and guidelines for consumers and businesses to protect themselves. "So they no longer get the security updates they should be".

An executive at a cybersecurity firm that helped block a global ransomware attack says new variations of the malicious worm are circulating and researchers expect one to develop that can't be stopped. That affordable move redirected the attacks to MalwareTech's server, which operates as a "sinkhole" to keep malware from escaping. "We've seen that the slowdown of the infection rate over Friday night, after a temporary fix around it, has now been overcome by a second variation the criminals have released".

Security experts expect that the number of infections - which now sits at around 200,000 - will rise this week as workers return to offices and boot their unpatched Windows PCs. The tools appeared stolen by hackers, who dumped them on the internet. "There's always more we can all do to make sure we're secure against viruses, but I think there have already been good preparations in place by the NHS to make sure they were ready for this sort of attack". "But there's clearly some culpability on the part of the USA intelligence services".

An IT worker at the public health care system tells The Guardian newspaper that it's the biggest problem they've seen in their six years working for the service. Kaspersky Lab said it had recorded incidents in 74 countries, mostly in Russian Federation, but noted that its visibility "may be limited and incomplete".

Referring to the attack as a "wake-up call", Microsoft's President and Chief Legal Officer, Brad Smith wrote in a blog post that governments have "to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits".

D'autres rapports CampDesrEcrues

Discuter de cet article