Sunday 27 May 2018

200,000 groups hit by ransomware in 150 countries, says Europol

LONDON, May 14, 2017

Friday's cyber attack hit 200,000 victims in at least 150 countries and that number could grow when people return to work on Monday, the head of the European Union's police agency said on Sunday.

Cyber security experts say the spread of the virus dubbed WannaCry - "ransomware" which locked up computers in car factories, hospitals, shops and schools in several countries - has slowed, but that any respite might be brief, reported CNBC.

Europol director Rob Wainwright told ITV's Peston on Sunday programme the attack was unique in that the ransomware was used in combination with "a worm functionality" so the infection spread automatically.

"The global reach is unprecedented. The latest count is over 200,000 victims in at least 150 countries, and those victims, many of those will be businesses, including large corporations," he said.

"At the moment, we are in the face of an escalating threat. The numbers are going up; I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning," stated Wainwright.

He said Europol and other agencies did not yet know who was behind the attack but "normally it is criminally minded and that is our first working theory for obvious reasons".

The main challenge was the fast-spreading capabilities of the malware, he stated adding that, so far, not many people have paid the ransoms that the virus demands.

The attack, which began on Friday, is believed to be the biggest online extortion attack ever recorded, with victims including Britain's hospital network and Germany's national railway, reported CBS News. 

Chinese media reported on Sunday that the "ransomware" virus attacked many university networks in China. The Beijing News said that students at several universities around the country reported being hit by the virus, which blocked access to their thesis papers and dissertation presentations.

The cyberattack was stemmed by a young British researcher and an inexpensive domain registration, with help from another 20-something security engineer in the US.

Britain's National Cyber Security Center and others were hailing the cybersecurity researcher, a 22-year-old identified online only as MalwareTech, who -- unintentionally at first -- discovered a "kill switch" that halted the unprecedented outbreak.

By then, the "ransomware" attack had hobbled Britain's hospital network and computer systems in several countries, in an effort to extort money from computer users. It disrupted computers that run factories, banks, government agencies and transport systems.

It crippled the British health care system for a day, infecting nearly 20 percent of its health care groups, forcing medical treatments to be canceled or postponed for thousands of people, stated the CBS news report.

Spain's telephone system was among the first targeted, CBS News' Jonathan Vigliotti reported. Russia's largest mobile phone company was hit, and FedEx announced it was also infected.

Hackers tricked victims into opening corrupt links in emails disguised as invoices and security warnings. The attack held entities hostage by freezing computers, encrypting data and demanding money through online bitcoin payments.

By encrypting files, hackers rendered them unreadable, and demanded $300 in ransom to decode them. The amount would double after three days. If ignored, hackers warned, the data would be destroyed, Vigliotti reported.

As terrifying as the unprecedented global "ransomware" attack was, cybersecurity experts say it's nothing compared to what might be coming -- especially if companies and governments don't make major fixes.

Tags: cyber attack | Europol | Ransomware |


calendarCalendar of Events