The world has just experienced it biggest cyber-attack Friday. The virus, called WannaCry Ransomware, locks users out of their computer files, with hackers demanding ransom before they can regain access. The attack began in the afternoon of Friday, May 12. Among the first to be infected was the National Health Service of the UK. The discovery caused Renault to temporary shut down their factories in France. Other companies followed suit.
22-year old British expert in cyber security who uses the name “Malware Tech” in Twitter immediately created a fix. He said he was able to slow down the attack when he registered a domain name he found in the code of the Ransomware. However, he also said that another attack is likely to come out as hackers work around the fix he established.
Start of the attack
The attack started in Europe. Since its discovery on Friday, some 200,000 individuals and 10, 000 firms have been victimized by the WannaCry Ransomware virus according to Europol. The numbers can go up when people return to their offices on Monday. Reports say that the virus has spread to about 150 countries. Government offices, major companies and hospitals were some of the most badly affected by the virus, disrupting their operation. Taiwan, Ukraine and Russia were the major targets, although the virus is spread over a number of countries and the infection of computers over networks can be massive.
Some of the big ones that have been affected include NHS (UK), Telefónica (Spain), Megafon, Interior Ministry, Russian Railways, Russian Central Bank (Russia), Deutsche Bahn (Germany), gas stations and colleges in China, Fedex and Nissan.
Over the weekend, Asian countries such as Taiwan, South Korea and Japan reported that some firms were already affected by WannaCry.
Europol, the law enforcement agency of the European Union said on Sunday that they were working on a decryption tool and likewise analyzing the virus to identify the hackers. Infections are not yet apparent but numbers are likely to rise as the workweek starts on Monday.
Affected companies and individuals worked over the weekend trying to recover from the virus attack.
This cyber-attack is going to be a sensitive issue for the U.S. The hacker group called Shadow Brokers published the malware’s vulnerability where it was based. They published several spy tools developed by the NSA (National Security Agency).
WannaCry takes advantage of a Microsoft Windows vulnerability. In March, Microsoft released a security patch to address this vulnerability but since not all networks and computers have updated their systems, they are at risk. Microsoft even released patches for computers still running on Windows Server 2003, Windows 8 and Windows XP but the patches will not help if the computers are already infected.
While the initial fix slowed down the progress of the virus, researchers say that two new variations have surfaced. Another domain registration blocked one but the other one has no kill switch. The good news is that it only works partially.
Early victims received a demand for $300 in Bitcoin before they could gain access to their computers. Despite the attack being widespread, it’s estimated that only about $32,000 were raised by the hackers.
While the cyber-attacks were all outside the United States, Steven Mnuchin, the U.S. Treasury Secretary reiterated the importance of cyber security. Rob Wainwright, head of Europol also stressed the same point. He said that all economic sectors and organizations are vulnerable to such attacks and should learn from the previous experiences of the banking industry.