Saturday, 23 June 2018
Latest news
Main » 200000 users, 150 countries hit by ransomware: Europol chief

200000 users, 150 countries hit by ransomware: Europol chief

15 May 2017

Cybersecurity experts have said the majority of the attacks targeted Russia, Ukraine and Taiwan. As per the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre), ransomware spreads by using a vulnerability in implementations of "Server Message Block" (SMB) in Windows systems.

"Thus by registering it we inadvertently stopped any subsequent infections", he told CNNTech.

"This kind of ransomware attack has been becoming much more common in recent months so in a way it's perhaps no surprise".

The ransomware worm that stopped vehicle factories, hospitals, shops and schools over the weekend worldwide, with Asia having escaped the worst so far, could wreak fresh havoc on Monday when employees log back on, cyber security experts warned.

One of the theories is that the attack is primarily an attempt to embarrass the U.S. NSA and the intelligence community.

The impact of the ransomware can be measured by the fact Microsoft released a rate and urgent patch for Windows XP (which is unsupported since 2004) to help protect the XP machines.

More news: Fed holds rate steady, notes slower economic growth

Ransomware has a habit of mutating and so it changes over time in order to find different ways to access computers or to get around patches (operating system updates that often include security updates).

The patches won't do any good for machines that have already been hit. "Most folks that have paid up appear to have paid the initial $300 in the first few hours".

"Because Bitcoin is anonymous and untraceable, it's very hard to find where that money is going so you're sending it to a numbered account and until you can put an identity with a numbered account, you can't prosecute the person doing the crime", Wilkinson said. "However, because WannaCrypt used a single hardcoded domain, my registartion [sic] of it caused all infections globally to believe they were inside a sandbox and exit".

Seven hospitals remained on A&E divert on Sunday afternoon, with ambulances taking emergency patients elsewhere, NHS England said.

Now, the company is offering free security fixes to everyone affected. State media reported that digital payment systems at some gas stations were offline, forcing customers to pay cash.

Security experts warn there is no guarantee that access will be granted after payment. "We held an assessment meeting today and have found that 102 systems of the Andhra Police have been infected with ransomware", Gulshan Rai, director general, CERT-In, said.

More news: Bindi Irwin makes late father Steve proud

On Saturday, Microsoft said it had released updates for older systems.

A massive ransomware attack is now spreading like a tsunami around the world, hitting high profile targets like UK's National Health Service and disabling Spain's Telefonica carrier.

"We are in the second wave", Matthieu Suiche of United Arab Emirates-based cybersecurity company Comae Technologies said.

Another security research firm, MalwareTech, has created a page monitoring the attacks.

Europol said its cyber-crime team, EC3, was working closely with affected countries to "mitigate the threat and assist victims".

Fallon said he would not comment on reports Britain's submarines also run Windows XP software, saying only that the fleet is "fully protected".

More news: Victory meant more to the GOP than the health of millions — LUPICA