wnol.info November 25 2017


100000 groups in 150 nations hit by cyberattack

November 25 2017, 07:31 | Perry Erickson

AN INTERNATIONAL effort is under way to track down the criminals behind Friday's global cyber-attack that wreaked havoc across the NHS.

Moscow-based Kaspersky Lab detected that variants of a malware called "WannaCry" were used that encrypted the files.

The U.K.'s National Cyber Security Center was "working round the clock" to restore vital health services, while urging people to update security software fixes, run anti-virus software and back up their data elsewhere. Researchers with the security software maker Avast said they had observed more than 126,000 ransomware infections, with 60 % of infected computers located in Russian Federation, followed by Ukraine and Taiwan.

"We have been concerned for some time that the healthcare sectors in many countries are particularly vulnerable". His $11 purchase of the name on Friday activated the domain, which commanded the malware to stop spreading. "We haven't seen anything like this since Conficker in 2008", Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.

"This kind of attack is indiscriminate in its nature, it will attack any machine that is not patched for the particular vulnerability", said Owen Connelly, VP Services at the IOActive cybersecurity firm.

In the United States, FedEx acknowledged it had been hit by malware and was "implementing remediation steps as quickly as possible".

Since Friday's breach more than 200,000 victims - including York Teaching Hospital Trust and Hull and East Yorkshire Hospitals NHS Trust - across 150 countries have been infected by the Wanna Decryptor ransomware, also known as WannaCry.

Europol Director Rob Wainwright said the global reach of the attack was "unprecedented", affecting everything from hospitals and schools to auto giants, NBC News reported.

The effects were felt across the globe, with Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp.in the US and French carmaker Renault all reporting disruptions.

In most cases, the only way to regain control of data is to buy the decryption keys from the attackers-unless you have backups, of course. "We are continuing to monitor the situation".

"The ransomware also spreads through malicious attachments to emails", it said. The effects of the attack on Turkey is unclear.

Among those affected by the virus was Nissan UK, but the vehicle manufacturer said there had been no major impact. Last year, cybersecurity companies estimated that ransomware attacks brought in over a billion dollars for cybercriminal networks globally, and they are on target to make even more in 2017. It should be noted that it doesn't help the affected people, but it stops WanaCrypt0r from spreading further.

It's important to point out, however, that the NHS wasn't necessarily specifically targeted.

Local experts on Saturday scrambled to ensure hospitals and other public facilities did not fall victim to the massive ransomware operation, which had seen patients turned away and operations cancelled in Britain. "This is not targeted at the NHS, it's an global attack and a number of countries and organisations have been affected", said Prime Minister Theresa May.

The so-called WannaCry ransomware locks access to user files and demands money - in the form of the virtual currency Bitcoin - in order to decrypt them.

Payment is demanded within three days or the price is doubled, and if none is received within seven days the files will be deleted, according to the screen message.

Code for exploiting that bug, which is known as "Eternal Blue", was released on the internet in March by a hacking group known as the Shadow Brokers.

Users of all versions of Microsoft Windows operating system are notified and need to take immediate measures to install the relevant security updates. Users should download the patch before clicking on any link in email.

Hospitals, companies, universities and governments across almost 100 countries were hounded by a cyberattack that locked computers and demanded ransom. If you are still unaware of this scary rampage, read about WanaCrypt0r ransomware here.

He said NHS systems in Scotland were expected to be recovered by Monday and that patients with appointments should attend as planned.



Other news