The worldwide "ransomware" CyberAttack wreaked havoc in Hospitals, Schools and Offices across the globe on Monday. Asia reported thousands
of new cases but no large-scale breakdowns as workers started the week
by booting up their computers.
The full
extent of the damage from the cyberattack felt in 150 countries was
unclear and could worsen if more malicious variations of the online
extortion scheme appear.
The initial
attack, known as "WannaCry," paralyzed computers running Britain's Hospital Network, Germany's National Railway and scores of other
companies and government agencies around the world.
As
a loose global network of cybersecurity experts fought the ransomware,
the attack was disrupting computers that run Factories, Banks, Government Agencies and Transport Systems in scores of countries,
including Russia, Ukraine, Brazil, Spain, India and Japan, among others.
Among those hit were Russia's Interior Ministry and companies including
Spain's Telefonica and FedEx Corp. in the U.S.
Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices.
The
Japan Computer Emergency Response Team Coordination Center, a nonprofit
group providing support in computer attacks, said 2,000 computers at
600 locations in Japan were reported affected. Companies including
Hitachi and Nissan Motor Co. reported problems but said they had
not seriously affected their business operations.
Auto
manufacturer Renault said one of its plants, which employs 3,500 people
in Douai, northern France, wasn't reopening Monday as technicians dealt
with the cyberattack's aftermath. The temporary halt in production was a
"preventative step," Renault said, giving no details on how badly the
plant was affected by the malware.
In
China, universities and other educational institutions were among the
hardest hit, possibly because schools tend to have old computers and be
slow to update operating systems and security, said Fang Xingdong,
founder of ChinaLabs, an internet strategy think tank.
Railway
stations, mail delivery, gas stations, hospitals, office buildings,
shopping malls and government services also were affected, China's
Xinhua News Agency said, citing the Threat Intelligence Center of Qihoo
360, a Chinese internet security services company.
Elsewhere
in Asia, the Indonesian government urged businesses to update computer
security after the malware locked patient files on computers in two
hospitals in the capital, Jakarta.
Patients arriving at Dharmais Cancer Hospital had to wait several hours while staff worked with paper records.
Officials
in Japan and South Korea said they believed security updates had helped
ward off the worst of the impact. But the South Korean cinema chain CJ
CGV Co. was restoring advertising servers at dozens of theaters after
the attack left the company unable to display trailers of upcoming
movies.
Experts urged organizations and
companies to immediately update older Microsoft operating systems, such
as Windows XP, with a patch released by Microsoft Corp. to limit
vulnerability to a more powerful version of the malware - or to future
versions that can't be stopped.
Paying ransom will not ensure any fix, said Eiichi Moriya, a cybersecurity expert and professor at Meiji University. "You
are dealing with a criminal," he said. "It's like after a robber enters
your home. You can change the locks but what has happened cannot be
undone. If someone kidnaps your child, you may pay your ransom but there
is no guarantee your child will return."
New
variants of the rapidly replicating worm were discovered Sunday. One
did not include the so-called kill switch that allowed researchers to
interrupt the malware's spread Friday by diverting it to a dead end on
the internet.
Ryan Kalember, senior vice
president at Proofpoint Inc. which helped stop its spread, said the
version without a kill switch could spread. It was benign because it
contained a flaw that prevented it from taking over computers and
demanding ransom to unlock files but other more malicious ones will
likely pop up.
"We haven't fully dodged this bullet at all until we're patched against the vulnerability itself," Kalember said.
The attack held users hostage by freezing their computers, popping up a red screen with the words, "Oops, your files have been encrypted!" and demanding money through online bitcoin payment - $300 at first, rising to $600 before it destroys files hours later.
Just
one click on an infected attachment or bad link would lead to all
computers in a network becoming infected, said Vikram Thakur, technical
director of Symantec Security Response. "That's what makes this more troubling than ransomware was a week ago," Thakur said.
The
attack has hit more than 200,000 victims across the world since Friday
and is seen as an "escalating threat," said Rob Wainwright, the head of
Europol, Europe's policing agency.
"The numbers are still going up," Wainwright said.
Microsoft's
top lawyer is laying some of the blame at the feet of the U.S.
government. Brad Smith criticized U.S. intelligence agencies, including
the CIA and National Security Agency, for "stockpiling" software code
that can be used by hackers. Cybersecurity experts say the unknown
hackers who launched this weekend's "ransomware" attacks used a
vulnerability that was exposed in NSA documents leaked online.
It was too early to say who was behind the onslaught, which struck 100,000 organizations, and what their motivation was, aside from the obvious demand for money. So far, not many people have paid the ransom demanded by the malware, Europol spokesman Jan Op Gen Oorth told The Associated Press.
Researchers who helped prevent the
spread of the malware and cybersecurity firms worked around the clock
over the weekend to monitor the situation and install the software
patch.
"Right now, just about every IT
department has been working all weekend rolling this out," said Dan
Wire, spokesman at Fireeye Security.
Microsoft
distributed the patch two months ago, which could have forestalled much
of the attack, but in many organizations it was likely lost among the
blizzard of updates and patches that large corporations and governments
strain to manage.
Source: english.alarabiya.net
- Get link
- X
- Other Apps
Comments
Post a Comment