wnol.info October 21 2017


Spain: Massive ransomware attack hits major companies

October 21 2017, 07:18 | Van Peters

Spain: Massive ransomware attack hits major companies

Spain: Massive ransomware attack hits major companies

"The recent attack is at an unprecedented level and will require a complex worldwide investigation to identify the culprits", it said in a statement.

The attacks used a technique known as ransomware that locks users' files unless they pay the attackers a designated sum in the virtual currency Bitcoin.

Reports indicate that more than 70 countries were infected with this cyber attack, but the Spanish telecoms company, which owns mobile network O2, said it had detected a " cyber security incident" but that clients and services had not been affected.

She also said the ransomware hit was "not targeted" at the health service but was part of a wider assault on organisations across a number of countries, and added that the National Cyber Security Centre (NCSC) is working to support the NHS.

Meanwhile, media in Britain reported Saturday that the Japanese vehicle builder Nissan said its factory in Sunderland, northeast England had been affected by the ransomware attack on computer systems.

US Computer Emergency Readiness Team (USCRT) which is under the Department of Homeland Security, said it had received multiple reports of WannaCry ransomware from many countries around the world.

All told, several cybersecurity firms said they had identified the malicious software in upward of 60 countries, including the United States, though its effects in the USA did not appear to be widespread, at least in the initial hours.

Kaspersky researcher Costin Raiu cited 45,000 attacks in 74 countries as of Friday evening.

Meanwhile, a cyber security researcher is believed to have found a "kill switch" to stop the spread of the WannaCry ransomware for the time being.

Some experts say the attack may have been built to exploit a weakness in Microsoft systems that had been identified by the NSA and given the name EternalBlue.

However, a hacker could change the code to create a new variant and try the ransomware attack again. Also, the fact that a lot of what we have online is now also connected to the Aadhar data of over a billion Indians makes the threat even more real and worrisome.

"I believe many companies have not yet noticed", said William Saito, a cyber security adviser to Japan's government.

"I'm watching how far this propagates and when governments get involved", he said.

South Tees, which runs James Cook and the Friarage Hospitals, said it is not affected, stating: "We have not been infected by the virus and we are doing everything we can to ensure our systems remain as secure as possible".

Friday's wave of attacks hit several high-profile organizations, including Britain's National Health Service (NHS), Russia's interior ministry, French carmaker Renault, Spanish telecommunications giant Telefonica, global shipper FedEx and German rail operator Deutsche Bahn.

Germany's national railway said Saturday that departure and arrival display screens at its stations were affected, but there was no impact on actual train services.

The security firm and others have linked WannaCry to a NSA hacking code known as "Eternal Blue" that was leaked last month by hacking group Shadow Brokers. Microsoft swiftly announced that it had already issued software "patches" to fix those holes, but many users haven't yet installed updates or still use older versions of Windows.

A spokesman for Barking, Havering, and Redbridge University Hospitals Trust (BHRUT) told the Guardian its systems had been "largely unaffected", but King George and Queen's Hospitals were facing the "additional pressure" of patients from Whipps Cross.

He said it's likely the ransomware will spread to US firms too.

The sort of ransom demands have been growing precedent at medical facilities.



Other news